Package: bash
Version: 4.3-11+b1
Severity: normal

Dear Maintainer,

The POSIX.2008-1 documentation states how the umask command should
operate:

  http://pubs.opengroup.org/onlinepubs/9699919799/utilities/umask.html

There is a common (but misguided) departure from POSIX when a user
specifically instructs that a regular file have execution permission.  E.g.

  original_umask="$(umask)"
  umask u=rwx,go=
  printf '%s\n' ls > myscript.sh
  umask "$original_umask"
  stat myscript.sh

  File: ‘myscript.sh’
    Size: 3               Blocks: 8          IO Block: 4096   regular file
  Device: fe00h/65024d    Inode: 920267      Links: 1
  Access: (0600/-rw-------)  Uid: ( 1000/    dan)   Gid: ( 1000/ dan)
  Access: 2015-07-11 14:28:58.806564015 +0200
  Modify: 2015-07-11 14:29:49.758816674 +0200
  Change: 2015-07-11 14:29:49.758816674 +0200
   Birth: -

* First and foremost, the documentation and behavior are mismatched.
  This is *never* acceptable.  Certainly the documentation must change
  to reflect the behavior, or the behavior should become aligned with
  the POSIX standard.

While bash need not be POSIX compliant, this is the case for why the
behavior should change to become POSIX compliant:

There is a common misconception that ignoring the user's instruction to
create executable files is a "security" feature.  This is nothing more
than an inconvenience masquerading as a security feature.  Users
already have the privilege to make files executable.  Forcing the use
of the /chmod/ command instead only hinders performance (causing a
needless fork and exec), and does not restrict security privileges
whatsoever.

The umask works as described for creating /directories/.  However, the
/mkdir/ command already provides a permission specifier (the -m
switch).  So it's senseless for umask to treat directory creation
differently from regular file creation without offering that separation
syntactically, and worse to allow unspecified behavior to affect
regular files, as there is no other syntax for specifying
shell-created regular files.

-- System Information:
Debian Release: 8.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages bash depends on:
ii  base-files   8+deb8u1
ii  dash         0.5.7-4+b1
ii  debianutils  4.4+b1
ii  libc6        2.19-18
ii  libncurses5  5.9+20140913-1+b1
ii  libtinfo5    5.9+20140913-1+b1

Versions of packages bash recommends:
ii  bash-completion  1:2.1-4

Versions of packages bash suggests:
pn  bash-doc  <none>

-- no debconf information
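Added example, not part of the original report and not bash's own code: it reproduces the 0600 file and 0700 directory results discussed above and computes them as requested mode AND NOT umask. It assumes the shell requests 0666 for redirection targets and mkdir requests 0777; the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed demonstration: umask only clears bits from the mode the
# creating program asks for; it never adds bits that were not requested.

# perms PATH -> permission string as shown by ls, e.g. "-rw-------"
perms() {
    ls -ld "$1" | cut -c1-10
}

# effective_mode REQUESTED MASK -> octal value of REQUESTED & ~MASK
# (both arguments are octal digits without a leading zero)
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# demo_umask MASK -> "<file perms> <dir perms>" for a file created by
# shell redirection and a directory created by mkdir under MASK.
# Runs in a subshell so the caller's umask is left untouched.
demo_umask() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        printf '%s\n' ls > "$tmp/myscript.sh"   # shell asks for 0666
        mkdir "$tmp/mydir"                      # mkdir asks for 0777
        f=$(perms "$tmp/myscript.sh")
        d=$(perms "$tmp/mydir")
        rm -rf "$tmp"
        printf '%s %s\n' "$f" "$d"
    )
}

# 077 is the octal form of the report's "u=rwx,go=".
echo "predicted file mode: $(effective_mode 666 077)"
echo "predicted dir mode:  $(effective_mode 777 077)"
echo "observed:            $(demo_umask 077)"
```
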