Bug#526880: [Pkg-xfce-devel] Bug#526880: thunar: New directories get wrong permissions
On mar, 2009-05-05 at 16:51 +0200, Nico Golde wrote: > > > > A new directory, created from Thunar, will have permission 777, > > bypassing umask value. > > I can not reproduce this with a freshly installed thunar, > directories get created with 0755 here. > Can you provide any further information on how to reproduce > this? Did you miss the closing of the bug? :) -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#526880: [Pkg-xfce-devel] Bug#526880: thunar: New directories get wrong permissions
Hi, * Yves-Alexis Perez [2009-05-05 18:23]: > On mar, 2009-05-05 at 16:51 +0200, Nico Golde wrote: > > > A new directory, created from Thunar, will have permission 777, > > > bypassing umask value. > > > > I can not reproduce this with a freshly installed thunar, > > directories get created with 0755 here. > > Can you provide any further information on how to reproduce > > this? > > Did you miss the closing of the bug? :) Yes, we didn't get Cced for this one as well :) Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpkrRxGQ4u5R.pgp Description: PGP signature
Bug#526880: thunar: New directories get wrong permissions
Hi, * Thomas Constans [2009-05-04 16:41]: > Package: thunar > Version: 1.0.1-1 > Severity: grave > Tags: security > Justification: user security hole > > > A new directory, created from Thunar, will have permission 777, > bypassing umask value. I can not reproduce this with a freshly installed thunar, directories get created with 0755 here. Can you provide any further information on how to reproduce this? Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgp82WeHCUfFA.pgp Description: PGP signature
Bug#526880: [Pkg-xfce-devel] Bug#526880: thunar: New directories get wrong permissions
Le lundi 04 mai 2009 à 17:25 +0200, Yves-Alexis Perez a écrit : > On lun, 2009-05-04 at 10:23 +0200, Thomas Constans wrote: > > Package: thunar > > Version: 1.0.1-1 > > Severity: grave > > Tags: security > > Justification: user security hole > > > > > > A new directory, created from Thunar, will have permission 777, > > bypassing umask value. > > That's wrong, but I think you're bitten by the “daemon” status of > Thunar. I think i understand this daemon stuff. I cant reproduce this bug. I must have met a rare race condition. I am not using any session manager. My window manager (awesome) is started from .xsession, where umask is not set, and i am not starting any thunar. I thought at first that launching thunar from a keyboard shortcut, provided by my wm, was responsible for this, but i've just check with a clean new X session, and it is not the case. new instances of thunar are respecting my umask. But then i have some pretty uncommon / personnalized desktop environment, so we shouldnot spend too much time on this bug Sorry for the report, Regards -- Thomas Constans 06 23 37 87 85 www.opendoor.fr -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#526880: [Pkg-xfce-devel] Bug#526880: thunar: New directories get wrong permissions
On lun, 2009-05-04 at 10:23 +0200, Thomas Constans wrote: > Package: thunar > Version: 1.0.1-1 > Severity: grave > Tags: security > Justification: user security hole > > > A new directory, created from Thunar, will have permission 777, > bypassing umask value. That's wrong, but I think you're bitten by the “daemon” status of Thunar. Can you try to: - quit thunar (thunar -q) - check that no thunar instance is running (ps aux | grep -i thunar) - set the umask from your terminal (umask 077) - run thunar (thunar) - create a folder - check the permissions Here, it works perfectly fine, could you try? I guess Thunar is run (from the session) before you set the umask. Then if you run thunar from a terminal, after setting a umask, no new process is created, it uses the already running one, so you don't have the correct umask. What you need is to set the umask before thunar is run, so it might be a good idea to set it in .xsessionrc or in your initscript so all the desktop benefits from it. (or you can create a wrapper for thunar if you only want thunar to use it) Cheers, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#526880: thunar: New directories get wrong permissions
Package: thunar Version: 1.0.1-1 Severity: grave Tags: security Justification: user security hole A new directory, created from Thunar, will have permission 777, bypassing umask value. Regards -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages thunar depends on: ii desktop-file-utils 0.15-2 Utilities for .desktop files ii exo-utils0.3.101-1 Utility files for libexo ii libatk1.0-0 1.26.0-1The ATK accessibility toolkit ii libc62.9-8 GNU C Library: Shared libraries ii libcairo21.8.6-2+b1 The Cairo 2D vector graphics libra ii libdbus-1-3 1.2.12-1simple interprocess messaging syst ii libdbus-glib-1-2 0.80-4 simple interprocess messaging syst ii libexo-0.3-0 0.3.101-1 Library with extensions for Xfce ii libfreetype6 2.3.9-4.1 FreeType 2 font engine, shared lib ii libglib2.0-0 2.20.1-1The GLib library of C routines ii libgtk2.0-0 2.16.1-2The GTK+ graphical user interface ii libice6 2:1.0.5-1 X11 Inter-Client Exchange library ii libpango1.0-01.24.0-3+b1 Layout and rendering of internatio ii libsm6 2:1.1.0-2 X11 Session Management library ii libthunar-vfs-1-21.0.1-1 VFS abstraction used in thunar ii libx11-6 2:1.2.1-1 X11 client-side library ii libxfce4util44.6.1-1 Utility functions library for Xfce ii shared-mime-info 0.60-2 FreeDesktop.org shared MIME databa ii thunar-data 1.0.1-1 Provides thunar documentation, ico Versions of packages thunar recommends: ii dbus-x11 1.2.12-1simple interprocess messaging syst ii gamin0.1.10-1File and directory monitoring syst ii hal 0.5.12~git20090406.46dc48-2 Hardware Abstraction Layer ii thunar-volma 0.3.80-2Thunar extension for volumes manag ii xdg-user-dir 0.10-1 tool to manage well known user dir ii xfce4-panel 4.6.1-1 The Xfce4 desktop environment pane Versions of packages thunar suggests: pn thunar-archive-plugin (no description available) pn thunar-media-tags-plugin (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org