Re: depmod -a and non-default umask

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Josh,

On Thu, Jan 17, 2013 at 11:59 AM, Josh Boyer <jwboyer@xxxxxxxxx> wrote:
> On Wed, Jan 16, 2013 at 2:42 PM, Lucas De Marchi
> <lucas.demarchi@xxxxxxxxxxxxxx> wrote:
>> Hi Josh,
>>
>> On Wed, Jan 16, 2013 at 11:55 AM, Josh Boyer <jwboyer@xxxxxxxxx> wrote:
>>> On Tue, Jan 8, 2013 at 9:55 AM, Josh Boyer <jwboyer@xxxxxxxxx> wrote:
>>>> Hello,
>>>>
>>>> We've had a report[1] that depmod -a with a non-default umask (0027 in
>>>> this case) can leave the produced modules.* files with permissions other
>>>> than 0644.  Now, this isn't really a bug because depmod is already
>>>> explicit with its permissions and open/openat honor umask.  It can,
>>>> however, leave a machine in a state where non-root users can't read those
>>>> files.
>>>>
>>>> I'm curious if people think depmod should set its own explicit umask to
>>>> ensure the file permissions are set to 0644.  If so, I could create a
>>>> patch to do this rather quickly.  I wanted to get the upstream opinion on
>>>> this situation first though.
>>>
>>> Any thoughts at all?
>>
>> Sorry for the delay.
>>
>> I think it's weird to set the umask so files are not created with read
>> permission for users and then complain that depmod did exactly that.
>
> Yeah, I do as well.
>
>> How do I know if he indeed want to allow the user to run modinfo and
>> other tools that doesn't require privilege?  After all if we reset the
>> umask I don't want to receive bug reports by users complaining they
>> told not to create file that way and that we are not honoring that.
>
> Yes, that makes sense.
>
>> That said, I never saw such a setup but if it's common to do this we
>> could think about resetting the umask.  Does any distro ship with that
>> umask by default?
>
> Not that I'm aware of.  I was only asking to see if anyone else thought
> it was a good idea, but it seems not.  I'll tell the bug reporter that
> he should manually change the umask himself.


Thinking again of it, I think having a call to umask in depmod would
not do any harm on sane systems. So if you think it's desirable to
solve this issue in upstream, please send a patch... that should be a
oneliner with a comment saying it's there for weird setups.


cheers
Lucas De Marchi
--
To unsubscribe from this list: send the line "unsubscribe linux-modules" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux