On Fri, 24 Jan 2025 01:38:21 +0100 Chris Hofstaedtler <z...@debian.org> wrote: > Control: tags -1 - moreinfo > > On Thu, Jan 23, 2025 at 07:18:39PM +0000, Luca Boccassi wrote: > > On Thu, 23 Jan 2025 18:17:28 +0100 Chris Hofstaedtler <z...@debian.org> > > wrote: > > > Source: systemd > > > Version: 257.2-2 > > > > > > please apply this commit to the systemd that trixie will get: > > > > > > > > https://github.com/systemd/systemd/commit/a4d18914751e687c9e44f22fe4e5f95b843a45c8 > > > > > > It already changes the default to the value that we want (0600). > > > > This is quite an invasive patch, that would make stable release > > maintenance more painful and time consuming. Can it not wait for Forky? > > Are there any pressing issues that would be solved with this backport? > > The old defaults are a partial security problem (depending on who > you ask). Previously users could call "mesg n" to be safe, and some > root bashrcs seem to do that (maybe even by default in some > releases).
Can you please clarify the security problem it solves on the upstream PR? If that's the case then it's a candidate for upstream stable backports too, and then it can be picked from there
