Skip to Content [alt-c]


In reply to Comment by Reader Pi

Andrew Ayer on 2014-03-12 at 03:39:

No, umask is actually not a concern because any decent temporary file implementation creates the file with restrictive permissions (0600). Besides, the setuid program could always set its own predictable umask.

Agreed that you should just use sudo if you can, especially if you have no experience writing secure set[ug]id programs. Using sudo is not always feasible though, especially since it depends on your sysadmin to set up rules. For example, using sudo would have been totally infeasible for the use case presented here, since each course needs its own grading database.


Post a Reply

Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with > are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim (good for code).
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.