From owner-freebsd-questions@FreeBSD.ORG Thu Feb 26 00:39:36 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 96F411065673 for ; Thu, 26 Feb 2009 00:39:36 +0000 (UTC) (envelope-from e.schuele@computer.org) Received: from smtpout06.prod.mesa1.secureserver.net (smtpout06-01.prod.mesa1.secureserver.net [64.202.165.224]) by mx1.freebsd.org (Postfix) with SMTP id 583358FC14 for ; Thu, 26 Feb 2009 00:39:36 +0000 (UTC) (envelope-from e.schuele@computer.org) Received: (qmail 20466 invoked from network); 26 Feb 2009 00:39:34 -0000 Received: from unknown (96.226.72.228) by smtpout06.prod.mesa1.secureserver.net (64.202.165.224) with ESMTP; 26 Feb 2009 00:39:33 -0000 Message-ID: <49A5E4C4.7090204@computer.org> Date: Wed, 25 Feb 2009 18:39:32 -0600 From: Eric Schuele User-Agent: Thunderbird 2.0.0.19 (X11/20090126) MIME-Version: 1.0 To: bseklecki@collaborativefusion.com References: <9fa4f0760902191356s7297d7b0ycac7ff0a885efd1f@mail.gmail.com> <49A577EE.3030604@computer.org> <1235584156.21167.108.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> In-Reply-To: <1235584156.21167.108.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> X-Enigmail-Version: 0.95.2 OpenPGP: url=http://www.ravenlock.us/keys/pub_schuele.pgp Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig0246AD5EBA28F146051D2501" Cc: freebsd-questions@freebsd.org, Aleksandr Miroslav Subject: Re: weird permissions on directories when installing ports through sudo X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Feb 2009 00:39:36 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig0246AD5EBA28F146051D2501 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 02/25/2009 11:49, Brian A. Seklecki wrote: >> lowering the umask of the person running sudo. >> >> This had the effect of truly screwing up many installed ports for me=20 >=20 > Maybe try "sudo -H -u root [command]" NetBSD Pkgsrc is nice in this > respect because it has sudo(8) integration in the MKs. ~BAS I didn't think this would do much, but gave it a try anyway.... And it doesn't help. :/ The following command prior to the change resulted in root's umask being displayed: sudo -H -u root umask Whereas after the change in sudo I mentioned, the union of mine and root's is presented. I looked at the security issue mentioned in the commit log, and I'm not sure this change was required in order to fix it. Anyone have thoughts on why this change was made? I'd argue POLA was broken here. But I don't keep up with sudo developments (aside from using it). --=20 Regards, Eric --------------enig0246AD5EBA28F146051D2501 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (FreeBSD) iEYEARECAAYFAkml5MQACgkQngSDRM3IXUpVMQCdFJ0Ya9x/TWZrb2r1itN1Xal1 e+YAoLMkK3t1fEjUUw0tLqZJ7D6SGOIH =NlUE -----END PGP SIGNATURE----- --------------enig0246AD5EBA28F146051D2501--