oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022

From: Kurt H Maier <khm () sciops net>
Date: Mon, 12 Oct 2020 13:31:08 -0700
On Mon, Oct 12, 2020 at 09:41:39PM +0200, Solar Designer wrote:

I also think the defaults should be changed, and not only on Debian.


This is just kicking the can down the road.  X years ago people
complained about oppressive defaults.  X years from now these defaults
will also be insufficient.   We could save a lot of treadmill labor
dollars by just admitting that global filesystem namespaces are a
mistake, but the sunk cost fallacy is preventing this.  It's the same
story as SETUID all over again.

khm
Previous By Date Next
Previous By Thread Next

Current thread: