Re: [Gnu-arch-users] Re: Linus

[Colin Walters]

On Mon, 2003-10-13 at 08:36, Miles Bader wrote:
> On Mon, Oct 13, 2003 at 08:15:07AM -0400, Colin Walters wrote:
> > > Since you're pushing for the copy-permissions hack, what does that solve?
> > > It (1) avoids the need to set the umask specially on login, and (2) allows
> > > different branches(&c) to use different permission bits.
> > 
> > 3) Would work for both sftp:// and file:// transports
> 
> Right, but it's not necessary for this.

I don't see why we shouldn't make file:// work if we can.  And we can.

> I don't think there's any suggestion to do that, merely to use a ssh
> subsystem script to _fix_ the umask with appropriately loose permissions, so
> they don't get in the way.  That would be a one-time thing, done only when
> arch support is initially enabled on savannah (and the same script could be
> used by _all_ sftp access to savannah).

This might sort of work on savannah.  But the idea of using a global
group readable/writable umask for all sftp access is a bad idea in
general.  It would be especially bad on a system like my school's, where
everyone is in the same "undergrad" group by default.

I just can't consider ssh subsystem hacks to be a long term solution.

> Why do you need to copy the permissions?  As long as your umask is correct
> (002), the default (rwxrwsr-x) should be good enough  to allow groups to be
> used to control access (and groups _are_ correctly propagated).

Right, I misinterpreted your question.