[asterisk-bugs] [Asterisk 0013753]: [patch] Set a sane umask inside safe_asterisk

Asterisk Bug Tracker noreply at bugs.digium.com
Wed Oct 22 15:25:17 CDT 2008 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=13753 
====================================================================== 
Reported By:                irroot
Assigned To:                Corydon76
====================================================================== 
Project:                    Asterisk
Issue ID:                   13753
Category:                   General
Reproducibility:            always
Severity:                   tweak
Priority:                   normal
Status:                     feedback
Asterisk Version:           1.6.0 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             2008-10-21 12:22 CDT
Last Modified:              2008-10-22 15:25 CDT
====================================================================== 
Summary:                    [patch] Set a sane umask inside safe_asterisk
Description: 

refer to http://bugs.digium.com/view.php?id=13751 

recordings and other information will be created world readable this could
compromise valuable information.

as safe_asterisk is to be safe set a umask by default.
======================================================================
Relationships       ID      Summary
----------------------------------------------------------------------
related to          0013751 All Call Recordings are world readable ...
====================================================================== 

---------------------------------------------------------------------- 
 (0094173) irroot (reporter) - 2008-10-22 15:25
 http://bugs.digium.com/view.php?id=13753#c94173 
---------------------------------------------------------------------- 
yip 022 will be a good option to maintain status quo

and i fully agree with you local users are evil ....

unfortunately i have a instance where this has become a nececity 

i feel having it at least in safe_asterisk will help in some cases where
the warnings are not adheerd to. [and you get a warm fuzzy for making a
system more secure where the admin dont concider this].

im running 027 as a UMASK and setting the sticky bit on the
monitor/fax/voicemail folders

i belive safe_asterisk should run asterisk according to best practice and
commented to assist the novice user have a better experiance of asterisk
overall. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2008-10-22 15:25 irroot         Note Added: 0094173                          
======================================================================

More information about the asterisk-bugs mailing list