Re: [PATCH] Add $umask for mailboxes and attachments
On Sat, Mar 17, 2007 at 12:05:49AM -0400, Derek Martin wrote:
> On Fri, Mar 16, 2007 at 01:15:10PM +0100, Christoph Berg wrote:
> > Hi, and sorry for the late followup.
> >
> > Imho there are 3 issues left in the umask handling:
> >
> > #1: main.c sets umask(077) unconditionally. Should be removed.
>
> I'm sorry I missed the start of this thread. The umask patch is, IMO,
> yet another abomination of a security mistake. Here are some nice
> words from Thomas back in 2001 to support that idea.
>
> http://marc.info/?l=mutt-dev&m=98883584213566&w=2
>
> I once argued to let the user's umask be what mutt uses. I was wrong.
>
> The essential problem is that Mutt does not behave like other user
> programs. Rather than operating on data which can generally be
> assumed to be safe, as say vi would, Mutt is used PRIMARILY to process
> arbitrary untrusted data which comes from the Internet.

In which case wouldn't 177 be better?

David
--
David Laight: david@xxxxxxxxx
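
To make the two masks discussed above concrete, this C program creates one file and one directory under a given umask and reports the permission bits that result. It is an added example, not part of the thread or of mutt's code; the helper name `modes_under_umask` and the scratch path under /tmp are assumptions of the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Permission bits observed on a newly created file and directory. */
struct created_modes { mode_t file, dir; };

/* Create a file (requesting file_req) and a directory (requesting 0777)
 * inside a fresh scratch directory while `mask` is the process umask.
 * Returns 0 on success, -1 on error. Hypothetical helper for illustration. */
int modes_under_umask(mode_t mask, mode_t file_req, struct created_modes *out)
{
    char base[] = "/tmp/umask-demo-XXXXXX";
    char path[64];
    struct stat st;
    int fd, rc = -1;

    if (mkdtemp(base) == NULL)      /* scratch dir is made before the mask changes */
        return -1;
    mode_t old = umask(mask);

    snprintf(path, sizeof path, "%s/f", base);
    fd = open(path, O_CREAT | O_EXCL | O_WRONLY, file_req);
    if (fd >= 0) {
        if (fstat(fd, &st) == 0) { out->file = st.st_mode & 0777; rc = 0; }
        close(fd);
        unlink(path);
    }
    snprintf(path, sizeof path, "%s/d", base);
    if (rc == 0 && mkdir(path, 0777) == 0) {
        if (stat(path, &st) == 0) out->dir = st.st_mode & 0777; else rc = -1;
        rmdir(path);
    } else rc = -1;

    umask(old);                     /* restore the caller's mask and clean up */
    rmdir(base);
    return rc;
}

int main(void) {
    struct created_modes m;
    if (modes_under_umask(0177, 0777, &m) == 0)
        printf("umask 0177: file %04o dir %04o\n", (unsigned)m.file, (unsigned)m.dir);
    return 0;
}
```

With umask 077 a file requested as 0777 keeps the owner execute bit (0700), while with 0177 both the file and the directory come out as 0600, so the new directory has no search permission for its owner.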