Re: [vile] vile-9.7q.patch.gz

[Thomas Dickey]

On Wed, 27 May 2009, Paul van Tilburg wrote:

> On Wed, May 27, 2009 at 06:10:18AM -0400, Thomas Dickey wrote:
> > On Wed, 27 May 2009, Thomas Dickey wrote:
> > > On Wed, 27 May 2009, Paul van Tilburg wrote:
> > > > Yes, the problem is that I can set popup-msgs in my .vilerc, but it
> > > > is never reached because it's mode 664 and therefore ignored.
> > > > So we seem to have a cyclic issue here.
> > >
> > > I see.  Is there a good reason for making dot-files 0664?  (I don't do
> > > that of course; I do recall some pre-configured accounts setting umask
> > > of 002, though it's easy to find opinions against that).
>
> Yes, well.  It seems my shell sets umask 002 if the system has
> user privacy groups, as is the default on Debian system at least.

There's probably some quick way to check for this configuration.
Offhand I can only recall the call for obtaining the list of a user's
groups (which doesn't seem pertinent).

> While I am member of some user groups so I can manipulate their data,
> this may be specific cases.  I have no problem with 002, I sometimes
> perceive apps that complain it to be a bit too strict, but I can't
> think of these opinions against that at the moment.  (IMO if ppl can
> level themselves to my GID, they probably can to me UID too.)
>
> > I could make popup-msgs turn on by default if $HOME/.vilerc is insecure.
> > Is that a reasonable compromise?
>
> Yes, that would break the cycle.  Regardless the discussion whether
> umask 002 is bad and mode 644 config files are a good thing, I think
> it would be nice in general if vile warns if it cannot read the user's
> config for any reason.

thanks (I'll do this for a start).

> Kind regards,
> Paul
>
> P.S. I'm not really looking forward to chmod'ing all my .vile* stuff
> on dozens of machines, but OK. :)

I'll also check and see if there's some reliable indication that
the privacy groups are setup.

--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net