gdm doesn't respect umask setting

Bug #241198 reported by Marcin Giedz on 2008-06-19
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gdm
Expired
Low
gdm (Ubuntu)
Low
Ubuntu Desktop Bugs

Bug Description

Hello at first I wanted to add this bug to existing one: #25910 gdm doesn't take care of pam_umask settings but in my case I don;t use pam_umask.

What I need is to let users create files/folders with extended permissions - different than 022 which I think is again hardcoded in gnome. I tried to change umask in ~/.profile and ~/.gnomerc as well as /etc/X11/Xsessions.d/55gnomexxxx - nothing works :(

This is huge problem for me as most of volumes are mounted via NFS to share amongst many users. But when user creates file/folder all I can see is : 755 for folders which is not acceptable.

Can you confirm this bug or I;m missing something?

My Ubuntu is Hardy 8.04 with all updates.

Regards,
Marcin

Marcin Giedz (giedz) wrote :

I've simply forgotten to add that such problem only occurs when using nautilus/gnome-related-app. umask is respected when running touch/mkdir/etc from command line.

Sebastien Bacher (seb128) wrote :

Thank you for your bug report, that's known upstream and you can read about it on http://bugzilla.gnome.org/show_bug.cgi?id=305931

Changed in gdm:
assignee: nobody → desktop-bugs
importance: Undecided → Low
status: New → Triaged
Changed in gdm:
status: Unknown → In Progress
Changed in gdm:
status: In Progress → Invalid
Sebastien Bacher (seb128) wrote :

could somebody try if that's still an issue in current versions?

Changed in gdm (Ubuntu):
status: Triaged → Incomplete
c (lsching17) wrote :

How come that kind of important security bugs not fixed after years?

i test that the problem still occurs in Lucid

OS: Ubuntu x64 Lucid

Step to reproduce:

1. add "umask 0027" at the end of .bashrc
2. relogin again
3. type "umask" in gnome terminal, it reports 0027
4. create a file by "echo 123 > test.txt" in gnome terminal, the file permission is "-rw-r-----" (correct)
5. create a folder by Nautilus, the folder permission is "drwxr-xr-x", the expected file permission should be "drwxr-x---" (incorrect)
6. create a file by Nautilus, the folder permission is "-rw-r--r--", the expected file permission should be "-rw-r-----" (incorrect)

?field.comment=How come that kind of important security bugs not fixed after years?

i test that the problem still occurs in Lucid

OS: Ubuntu x64 Lucid

Step to reproduce:

1. add "umask 0027" at the end of .bashrc
2. relogin again
3. type "umask" in gnome terminal, it reports 0027
4. create a file by "echo 123 > test.txt" in gnome terminal, the file permission is "-rw-r-----" (correct)
5. create a folder by Nautilus, the folder permission is "drwxr-xr-x", the expected file permission should be "drwxr-x---" (incorrect)
6. create a file by Nautilus, the folder permission is "-rw-r--r--", the expected file permission should be "-rw-r-----" (incorrect)

Sebastien Bacher (seb128) wrote :

to reply to the previous comment, the file you are changing is a command line configuration one, not a desktop one, it's normal it doesn't make any change for nautilus

c (lsching17) wrote :

which config file should i edit for testing the umask?

Sebastien Bacher (seb128) wrote :

you can try .profile I guess

c (lsching17) wrote :

i tested that the problem do not occur in Lucid (.using .profile)

OS: Ubuntu x64 Lucid Desktop, Ubuntu x86 Lucid Desktop

Steps:
1. add "umask 0027" at the end of .bashrc
2. reboot and login again
3. create a folder by Nautilus, the folder permission is "drwxr-x---" (correct)
4. create a file by Nautilus, the folder permission is "-rw-r-----" (correct)

P.S. it will be nice if Ubuntu's default umask is 0027 in the future.

Changed in gdm:
importance: Unknown → Low
status: Invalid → Expired
Coeur Noir (gerald-maruccia-e) wrote :

There's something closely related happening in actual ubuntu 17.10 :

https://bugs.launchpad.net/ubuntu/+source/gnome-session/+bug/1701757
https://bugs.launchpad.net/ubuntu/+source/gnome-terminal/+bug/1685754

It makes managing muti-users machines and shared folders almost impossible…

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.