oss-sec mailing list archives
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022
From: Seth Arnold <seth.arnold () canonical com>
Date: Thu, 8 Oct 2020 21:02:13 +0000
On Thu, Oct 08, 2020 at 08:29:39AM -0500, Bob Friesenhahn wrote:
It seems that the issue we encountered is due to 'USERGROUPS_ENAB yes' in /etc/login.defs. I am not sure if this is specific to Ubuntu. This setting changes the umask from the default:
Aha, thanks for indulging my curiosity and tracking this down. Ubuntu doesn't carry any changes to this package compared to the Debian package (any differences would be in a 'login' directory in https://patches.ubuntu.com/l/ ). "USERGROUPS_ENAB yes" may have been a Debian default setting since 1999 or so; archaelogy on packages this old is a little difficult, but the tarball on: https://sources.debian.org/src/shadow/19990827-20/ has several login.defs* files: $ ls -l etc/login.defs* -rw-r--r-- 1 sarnold sarnold 5426 May 1 1997 etc/login.defs -rw-r--r-- 1 sarnold sarnold 4272 Aug 27 1999 etc/login.defs.hurd -rw-r--r-- 1 sarnold sarnold 10165 Aug 27 1999 etc/login.defs.linux $ grep USERGROUPS etc/login.* etc/login.defs.hurd:USERGROUPS_ENAB yes etc/login.defs.linux:USERGROUPS_ENAB yes By 2005 or so, the archaelogy gets easier: https://sources.debian.org/src/shadow/1:4.0.18.1-7+etch1/etc/login.defs/ https://sources.debian.org/src/shadow/1:4.0.18.1-7+etch1/debian/changelog/ I believe "USERGROUPS_ENAB yes" has been a Debian default since 1998 or 1999. Thanks
Attachment:
signature.asc
Description:
Current thread:
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022, (continued)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Solar Designer (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Kurt H Maier (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeffrey Walton (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Brian May (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Russ Allbery (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Eli Schwartz (Oct 13)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Seth Arnold (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Bob Friesenhahn (Oct 08)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Seth Arnold (Oct 08)