<<< Date Index >>>     <<< Thread Index >>>

Re: [PATCH] Add $umask for mailboxes and attachments



On Sat, Mar 17, 2007 at 04:35:33PM +0100, Gaëtan LEURENT wrote:
> Well, if your operating system creates world-readable coredump, you
> should report this as a security vulnerabilty, because it is indeed one
> (see http://www.securityfocus.com/bid/5737/info for instance).  

Indeed.  And if the user/admin is unaware of this problem?  This is
precisely what I'm talking about.
 
> Could it be that you too are somewhat ignorant in security matters?

Not at all; you're making my point.  The authors of Mutt have no way
to know what system any given user is using, or what inherent security
oversights may be present in that OS.  If a user of Mutt were on an
early Irix 6.5 release, this would be a concern for them.  Note that
the concern in the vulnerability you mention was specifically for the
root user... it makes no mention of regular users.  It is not clear
what the actual implemented fix was, nor that the "fix" actually
changes the default for regular users.

Barring gross negligence in the extreme on the OS designer's part,
Mutt using a umask of 077 solves the problem, guaranteed, no matter
what the operating system does.  And this protection is provided at
the low, low cost of the user occasionally having to run chmod when
they actually do want people to be able to read their files.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.

Attachment: pgpKLBkgh1WWk.pgp
Description: PGP signature