also sprach Christian Perrier <[EMAIL PROTECTED]> [2005.06.20.0803 +0200]: > > Summary: I would better wait _till_ pam_umask finds its way into > > default Debian /etc/pam.d/common-session, and comment UMASK out > > _after that_. > > Hmmm, you nearly manage to convince me. I send this to the BTS, > for the record. > > Martin, please give your advice here.
I tend to agree; let's change existing practice when new and better
practice is *in place* and working. I would not object to see
libpam-umask in base, but I don't think it's going to happen "just
like that".
Maybe we should start small and add comments for now?
> Alex seems to have well proven that UMASK in login.defs is
> *currently* the only way to be sure that all possible ways to
> login to a system will have the right mask.
Proof incomplete... log in via SSH into a zsh shell and no umask
setting will take effect.
--
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' : proud Debian developer, admin, user, and author
`. `'`
`- Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
"life is what happens to you while you're busy making other plans."
-- john lennon
signature.asc
Description: Digital signature
