[asterisk-dev] Asterisk crunches ACLs and umask by default,
suggested fix
Ben Klang
ben at alkaloid.net
Thu Feb 16 17:51:13 MST 2006
On Thursday 16 February 2006 15:47, Rod Dorman wrote:
> Well the first question that comes to mind is, Is there any down side?
> Is there any scenario where this wouldn't be the expected thing to do?
I have considered this quite a bit is and I feel this is the proper thing to
do across the board. The only files/directories that shouldn't be leave the
permissions up to the operating system's default are files that contain
potentially sensitive data. I can see the argument for Voicemail wav files
falling in this category. However this can be addressed in two ways: 1: The
default install will create the voicemail spool directory as non-world
readable/executable and 2: the local system administrator can provide a
tighter umask or default ACL. Since the default for most systems' umask is
022 and the mode flag only applies to newly created files, I think this is a
much more sane default than the variety of modes that I replaced in the
sources.
But this is just my opinion. I may have missed something.
/BAK/
--
Ben Klang
Alkaloid Networks
ben at alkaloid.net
404.475.4850
http://projects.alkaloid.net
More information about the asterisk-dev
mailing list