It's not a question of whether the default directory permissions are appropriate. I agree with those. <br><br>What we're talking about here is what happens during updates to an existing directory. I can't see any rationale for changing the group permissions. If the group permissions differ from the installation defaults, it is because the sysadmin needed them to be different in order to implement one or more methods of extensibility / interoperability that make Asterisk so powerful. <br>
<br>Absolutely, it would make sense for the installer to check to be sure it has SUFFICIENT permissions to operate properly, but it is a huge leap of faith to assume that it's appropriate to simply delete certain group
permissions. Users only in the
owner's group if they belong there, no??<br>
<br>The upshot is that ever since upgrading to 1.8 we have to re-re-re-reset the group directory permissions to make things work, and that just seems insane to me if that is a design choice, not a regression. <br><br>-Karl <br>
<br><br><div class="gmail_quote">On Mon, Mar 5, 2012 at 11:30 PM, Raj Mathur (राज माथुर) <span dir="ltr"><<a href="mailto:raju@linux-delhi.org">raju@linux-delhi.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On Tuesday 06 Mar 2012, Jason Parker wrote:<br>
> I don't know if I would call it a bug since the switch to install was<br>
> intentional, but I wouldn't say it's necessarily expected either. I<br>
> don't really have a strong opinion either way though. If anything, I<br>
> might be inclined to argue that 750 (or 770) would be more<br>
> appropriate.<br>
<br>
</div>Considering that (e.g.) sip.conf and iax.conf may contain passwords in<br>
clear-text, I'd agree that 770/750 for directories and 660/640 for files<br>
would be most appropriate. The g+w bit needs to be set only on those<br>
directories/files that ought to be writable from within the Asterisk<br>
process itself.<br>
<br>
Regards,<br>
<br>
-- Raj<br>
<span class="HOEnZb"><font color="#888888">--<br>
Raj Mathur || <a href="mailto:raju@kandalaya.org">raju@kandalaya.org</a> || GPG:<br>
<a href="http://otheronepercent.blogspot.com" target="_blank">http://otheronepercent.blogspot.com</a> || <a href="http://kandalaya.org" target="_blank">http://kandalaya.org</a> || CC68<br>
It is the mind that moves || <a href="http://schizoid.in" target="_blank">http://schizoid.in</a> || D17F<br>
</font></span><div class="HOEnZb"><div class="h5"><br>
--<br>
_____________________________________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
New to Asterisk? Join us for a live introductory webinar every Thurs:<br>
<a href="http://www.asterisk.org/hello" target="_blank">http://www.asterisk.org/hello</a><br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br>
</div></div></blockquote></div><br>