- User Since
- Mar 27 2017, 4:48 PM (350 w, 5 h)
Jan 23 2017
I nearly filed this as a minor bug to start with. Apologies for the
My thinking was that there are a few rarer cases on unattended/shared
environments where this may be an issue. Scripts may deliberately be using a
umask that allows write permission to files it's creating, not expecting that
pubring (or other keyring) changes will create a new file. Other users/services
may need read permission to those keyrings, and actually end up with write
permission. This is potentially a problem despite the data not being secret.
Granted, the above hypothetical situation is uncommon and easily worked around
with better design/testing, but it might catch people out.