Ubuntu
gdm package

gdm doesn't respect umask setting

Bug #241198 reported by Marcin Giedz on 2008-06-19

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	gdm	Expired	Low	gnome-bugs #305931
	gdm (Ubuntu)	Incomplete	Low	Ubuntu Desktop Bugs

Bug Description

Hello at first I wanted to add this bug to existing one: #25910 gdm doesn't take care of pam_umask settings but in my case I don;t use pam_umask.

What I need is to let users create files/folders with extended permissions - different than 022 which I think is again hardcoded in gnome. I tried to change umask in ~/.profile and ~/.gnomerc as well as /etc/X11/Xsessions.d/55gnomexxxx - nothing works :(

This is huge problem for me as most of volumes are mounted via NFS to share amongst many users. But when user creates file/folder all I can see is : 755 for folders which is not acceptable.

Can you confirm this bug or I;m missing something?

My Ubuntu is Hardy 8.04 with all updates.

Regards,
Marcin

Revision history for this message

Marcin Giedz (giedz) wrote on 2008-06-19:

I've simply forgotten to add that such problem only occurs when using nautilus/gnome-related-app. umask is respected when running touch/mkdir/etc from command line.

Revision history for this message

Sebastien Bacher (seb128) wrote on 2008-07-29:

Thank you for your bug report, that's known upstream and you can read about it on http://bugzilla.gnome.org/show_bug.cgi?id=305931

Changed in gdm:
assignee:	nobody → desktop-bugs
importance:	Undecided → Low
status:	New → Triaged

Bug Watch Updater (bug-watch-updater) on 2008-07-29

Changed in gdm:
status:	Unknown → In Progress

Bug Watch Updater (bug-watch-updater) on 2010-06-05

Changed in gdm:
status:	In Progress → Invalid

Revision history for this message

Sebastien Bacher (seb128) wrote on 2010-06-07:

could somebody try if that's still an issue in current versions?

Changed in gdm (Ubuntu):
status:	Triaged → Incomplete

Revision history for this message

c (lsching17) wrote on 2010-06-13:

.bashrc Edit (3.0 KiB, text/plain)

How come that kind of important security bugs not fixed after years?

i test that the problem still occurs in Lucid

OS: Ubuntu x64 Lucid

Step to reproduce:

1. add "umask 0027" at the end of .bashrc
2. relogin again
3. type "umask" in gnome terminal, it reports 0027
4. create a file by "echo 123 > test.txt" in gnome terminal, the file permission is "-rw-r-----" (correct)
5. create a folder by Nautilus, the folder permission is "drwxr-xr-x", the expected file permission should be "drwxr-x---" (incorrect)
6. create a file by Nautilus, the folder permission is "-rw-r--r--", the expected file permission should be "-rw-r-----" (incorrect)

?field.comment=How come that kind of important security bugs not fixed after years?

i test that the problem still occurs in Lucid

OS: Ubuntu x64 Lucid

Step to reproduce:

Revision history for this message

Sebastien Bacher (seb128) wrote on 2010-06-14:

to reply to the previous comment, the file you are changing is a command line configuration one, not a desktop one, it's normal it doesn't make any change for nautilus

Revision history for this message

c (lsching17) wrote on 2010-06-14:

which config file should i edit for testing the umask?

Revision history for this message

Sebastien Bacher (seb128) wrote on 2010-06-14:

you can try .profile I guess

Revision history for this message

c (lsching17) wrote on 2010-06-15:

i tested that the problem do not occur in Lucid (.using .profile)

OS: Ubuntu x64 Lucid Desktop, Ubuntu x86 Lucid Desktop

Steps:
1. add "umask 0027" at the end of .bashrc
2. reboot and login again
3. create a folder by Nautilus, the folder permission is "drwxr-x---" (correct)
4. create a file by Nautilus, the folder permission is "-rw-r-----" (correct)

P.S. it will be nice if Ubuntu's default umask is 0027 in the future.

Bug Watch Updater (bug-watch-updater) on 2010-09-15