From owner-cvs-all  Mon Jun 28 10:33:42 1999
Delivered-To: cvs-all@freebsd.org
Received: from enst.enst.fr (enst.enst.fr [137.194.2.16])
	by hub.freebsd.org (Postfix) with ESMTP
	id CB0111539D; Mon, 28 Jun 1999 10:33:32 -0700 (PDT)
	(envelope-from beyssac@enst.fr)
Received: from bofh.enst.fr (bofh-2.enst.fr [137.194.2.37])
	by enst.enst.fr (8.9.1a/8.9.1) with ESMTP id TAA01845;
	Mon, 28 Jun 1999 19:33:12 +0200 (MET DST)
Received: by bofh.enst.fr (Postfix, from userid 12426)
	id 6CC93D226; Mon, 28 Jun 1999 19:33:12 +0200 (CEST)
Message-ID: <19990628193311.A63701@enst.fr>
Date: Mon, 28 Jun 1999 19:33:11 +0200
From: Pierre Beyssac <beyssac@enst.fr>
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>,
	Pierre Beyssac <pb@FreeBSD.ORG>
Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.sbin/vipw pw_util.c vipw.c
References: <199906261215.FAA18022@freefall.freebsd.org> <xzpogi01e8n.fsf@flood.ping.uio.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <xzpogi01e8n.fsf@flood.ping.uio.no>; from Dag-Erling Smorgrav on Mon, Jun 28, 1999 at 06:28:24PM +0200
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

On Mon, Jun 28, 1999 at 06:28:24PM +0200, Dag-Erling Smorgrav wrote:
> >   Force umask to 077 (instead of 000) during the edit phase, to get
> 
> Wrong fix. The correct fix is to save and restore the original umask.
> See attached patch.

I disagree; the umask 077 is on purpose because we're dealing with
the password file, not just any random use of $EDITOR.

Given that many people have a root umask set to 022, it's much
safer to force umask to 077, since master.passwd (and hence any
partial write of it) shouldn't EVER be world-readable.
-- 
Pierre Beyssac		pb@enst.fr


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message