Package umask issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Spot,
During FUDCON2 one of the TODO's I promised you was to send details about package umask issues. This is only an issue for sysadmins when they insist on using a system umask of 077 supposedly for some hardening reason. Two kinds of packages then have problems:
1) Packages with unowned files or directories. This of course has an obvious solution, simply own it. This is already covered in our packaging guidelines. MUST right? 

2) Packages which create unpackaged files in scriptlets like %post
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136030
This is one example where this caused a problem. The quick and ugly workaround is to explicitly set umask at the beginning of the scriptlet. But the correct fix would be to make it so the software does not create files in %post. The latter solution is not always trivial. 

Should we make #2 a SHOULD or MUST in guidelines?

Warren Togami
wtogami@xxxxxxxxxx
[Index of Archives]     [Fedora Users]     [Fedora Development]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux