does not source ~/.profile for umask

Bug #1701757 reported by Greg Williams on 2017-07-01
264
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Nautilus
New
Undecided
Unassigned
gedit
New
Undecided
Unassigned
gnome-session (Ubuntu)
Low
Unassigned

Bug Description

I have always set umask at ~/.profile and gnome-session would source this. But in Zesty, this isn't happening, and I can find no way to set a umask default of my choosing for the gnome-session.

Creating a document using gedit always produces the default (unchangeable) permission represented by umask 022.

If I adjust umask at ~/.bashrc, creating a document in nano or vi works to get a different umask. But Ubuntu users should be able to adjust umask for GTK3 apps (like gedit) as well.

If there is a new way to set ~/.profile variables, the documentation needs to be updated to reflect this so people know how to set them.

summary: - 17.04 (Zesty) does not source ~/.profile
+ 17.04 (Zesty) does not source ~/.profile for umask
information type: Public → Public Security

Thank you for taking the time to report this bug and helping to make Ubuntu better. The issue you are reporting is an upstream one and it would be nice if somebody having it could send the bug to the developers of the software by following the instructions at https://wiki.ubuntu.com/Bugs/Upstream/GNOME. If you have done so, please tell us the number of the upstream bug (or the link), so we can add a bugwatch that will inform us about its status. Thanks in advance.

Changed in gnome-session (Ubuntu):
importance: Undecided → Low
Seth Arnold (seth-arnold) wrote :

Greg, Sebastien, does this look like a duplicate of bug 1685754? It's tough for me to tell. Of course ~/.profile is only used by some shells, nothing else, so this may not be a bug at all.

Thanks

Greg Williams (greg2lapa) wrote :

Ubuntu bug 1685754 seems specific to gnome-terminal. The bug I reported is for all gnome-session apps. Gnome-terminal can be made to work if a umask is added to .bashrc. This is not the case for other gnome apps like gedit. These bugs may be the same, but I don't know enough to be able to make that call.

I don't know for sure, but is this gnome bug might be related: https://bugzilla.gnome.org/show_bug.cgi?id=780622

Greg Williams (greg2lapa) wrote :

Excuse me, but is it fair to rank this bug as "Low" importance? There appears to be no way to change the default umask on account of this bug. Umask setting carries privacy and security considerations depending on environment.

I think it of considerable importance to at least make sure this bug is fixed in time for Ubuntu 17.10.

Changed in gnome-session (Ubuntu):
status: New → Confirmed
Coeur Noir (coeur-noir) wrote :

Hello,

That bug is not fixed in 17.10 !

For reference : https://forum.ubuntu-fr.org/viewtopic.php?pid=21823638#p21823638

tl;dr → umask is set at 002 in ~/.profile AND in /etc/login.defs
but new folders created through Nautilus don't grant write permission for group.
Unless if created in desktop folder.

That's a big problem in multi-users environment.

Other curiosity, I don't have that problem with Budgie 17.10 where setting umask at 002 in /etc/login.defs works as expected.

Coeur Noir (coeur-noir) wrote :

Files created with Gedit don't apply expected 002 umask.

But files ( or folders ) created with i.e. Gimp apply expected 002 umask.

A foreseeable way of setting umask system wide and/or per session is very much needed in order to administrate 17.10 machines in local network ( school, library, business, anything… ) where people share files/folders, be it through samba or nfs…

…that's not of low importance, it's a security issue.

Coeur Noir (coeur-noir) wrote :

fwiw → https://bugzilla.gnome.org/show_bug.cgi?id=780622#c44 → where security issue is mentioned

And → https://bugzilla.gnome.org/show_bug.cgi?id=780622#c49 → in fedora we're going to start adding pam_umask to the default pam configuration so admins can edit /etc/login.defs

Does it mean Ubuntu 18.04 may benefit from it - as an LTS release, it should.

dino99 (9d9) on 2018-04-12
tags: added: artful bionic trusty xenial
summary: - 17.04 (Zesty) does not source ~/.profile for umask
+ does not source ~/.profile for umask
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.