[Pkg-samba-maint] r1399 - trunk/samba/debian

Fri May 25 08:05:20 UTC 2007

On Fri, May 25, 2007 at 07:05:34AM +0200, Christian Perrier wrote:
> Quoting Steve Langasek (vorlon at debian.org):
> > On Tue, May 22, 2007 at 09:08:49PM +0000, bubulle at alioth.debian.org wrote:
> > > Change the default file permission in [HOMES] from 0700 to 0600

> > Why?  Note that this is the create *mask*, which controls the *maximum* file
> > permissions that will be set when creating a file.  Is there a reason we
> > want to forbid by default the creation of files with the execute bit set?

> This is mostly because this is upstream's default which I think is
> reasonable.

If it's an upstream default and if this is the argument for the change, then
I would ask that the option itself be commented out in the default smb.conf
and marked as a default so it's clear that this isn't a setting we're
overriding.

> Using 0700 makes indeed all files created on the server to have the
> execute bit unless the client itself explicitely request to not do
> so....which it doesn't in most cases.

Ok, I don't understand why this would be.  According to smb.conf (and my
recollections), the execute bit is set based on the 'map archive', 'map
hidden', and 'map system' options.  Is this no longer correct with current
samba?  Or if it is correct, and one or more of these options are enabled by
default, why should the default create mask be set to disallow that option?

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon at debian.org                                   http://www.debian.org/