From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id AE3F16DE024E for ; Mon, 5 Feb 2018 03:59:30 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.311 X-Spam-Level: X-Spam-Status: No, score=-0.311 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.211, SPF_PASS=-0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2u9EGbmBop5B for ; Mon, 5 Feb 2018 03:59:29 -0800 (PST) Received: from mail-pg0-f44.google.com (mail-pg0-f44.google.com [74.125.83.44]) by arlo.cworth.org (Postfix) with ESMTPS id B50276DE0151 for ; Mon, 5 Feb 2018 03:59:29 -0800 (PST) Received: by mail-pg0-f44.google.com with SMTP id s73so4022234pgc.1 for ; Mon, 05 Feb 2018 03:59:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:message-id:from:to:cc:subject:in-reply-to:references :mime-version:content-disposition:content-transfer-encoding; bh=kZN/sK+5XDdc1/q4NeZ1NaJEn3if1SXywEYizF6nWYo=; b=ptjENoxCPh88zTfWVfuFZZXJph5q8KQ/Zh4B87iRAlDti5q9I8fTGBecFt6mAfhwu4 nWC7w3bkRqLp479u7IBOQ2RXJPaDl6iLARxlDkmCrG84Vafc4ft+6Q70DI5tw9dV6f4P TnBgm7f0zqpIvkloGdMMFIlR2tu7kbgkwkeBg+29YarG34IimdQRCXT/O5YfqR4VSUks GTb5hHzvJh8SeyP/Tpuzk6gF9ZvpWJxVKH2fZXLYX+Y4flXqNuhTlkMnNQFVOUqyw9tq Yn+sl+Xe3PUhIhlEfZb4Za/jEC9ZDu8xfphF5ietgCoYzIpMbf0f9VF/1nUcEA3bOD1/ VFrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:from:to:cc:subject:in-reply-to :references:mime-version:content-disposition :content-transfer-encoding; bh=kZN/sK+5XDdc1/q4NeZ1NaJEn3if1SXywEYizF6nWYo=; b=LhdWmJfn00lRxpjhqY5tSE1Dho+ONwJsT+Ti+9HsQZ1KcnPQnZFayprQaWYT19SOqU MqUNZnf6XkZdD5dHK4+9muoqRuiXfyh3YHkacpsgzDYYNLO+ZlJQbiancE1OaJioVeNw qABYdX1C/PRy3gmEOQdF8yceUWWSDqRMtN6QXWjATaT3SnPxzACnq++hdBg2KYtCJrDA vqEfuCwiezFbAZfb7OMsUWarRAX3r+LiCTyT9hDisY+CdKdw3yDGVFkH6mimMxeQ1FlW ed4599gDPu8mDH/Kb0w6IDHCBXf0ujUk4Y6H4o4FEZlubYq2TV5MG6MG6R51OTyRPz11 HVnQ== X-Gm-Message-State: APf1xPB+/qXVOb3ger47PTFHhebd7lEG5baMLnTTjp8V2M45+YLr0dbB BVst4U7AttpE9kxeI8zFNbVYfA== X-Google-Smtp-Source: AH8x226rzDdT2Fx3Rp+FhaF2Of97tKpp2N8irIrO6cJZEeuUQ/RSYS0+8O5tUuA0gKqrIX4WOsfJHw== X-Received: by 10.98.174.18 with SMTP id q18mr897869pff.92.1517831969269; Mon, 05 Feb 2018 03:59:29 -0800 (PST) Received: from localhost (ip-29-60-52-196.melbourne.au.asianpacifictelephone.com. [196.52.60.29]) by smtp.gmail.com with ESMTPSA id g17sm13017679pfh.134.2018.02.05.03.59.26 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 05 Feb 2018 03:59:27 -0800 (PST) Date: Mon, 5 Feb 2018 22:59:20 +1100 Message-ID: <20180205225920.GL1824@hili.localdomain> From: Peter Wang To: Daniel Kahn Gillmor Cc: Notmuch Mail Subject: Re: [PATCH] cli/insert: new message file can be world-readable (rely on umask) In-Reply-To: <20180205043703.22551-1-dkg@fifthhorseman.net> References: <20180205043703.22551-1-dkg@fifthhorseman.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Feb 2018 11:59:30 -0000 On Sun, 4 Feb 2018 23:37:03 -0500, Daniel Kahn Gillmor wrote: > There are legitimate cases (public archives) where a user might > actually want their archive to be readable to the world. > > "notmuch insert" historically used mode 0600 (unreadable by group or > other), but that choice doesn't appear to have been specifically > justified (perhaps an abundance of caution?). I can't remember any specific reason for 0600 instead of 0644. Probably just assumed that mail is supposed to be private. > If the user wants "notmuch insert" to create files that are not > readable by group or other, they can set their umask more > restrictively. By calling notmuch through a wrapper shell script, I suppose. The mode for --create-folder should be reconsidered as well. Peter