From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 104C56DE1850 for ; Sun, 18 Mar 2018 11:06:04 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.042 X-Spam-Level: X-Spam-Status: No, score=-0.042 tagged_above=-999 required=5 tests=[AWL=-0.042] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O9bdR7cpmIZZ for ; Sun, 18 Mar 2018 11:06:03 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id DE7536DE184E for ; Sun, 18 Mar 2018 11:06:02 -0700 (PDT) Received: from fifthhorseman.net (dhcp-8362.meeting.ietf.org [31.133.131.98]) by che.mayfirst.org (Postfix) with ESMTPSA id E2F21F99D; Sun, 18 Mar 2018 14:06:00 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id BBEDA2039D; Sun, 18 Mar 2018 15:17:42 +0000 (GMT) From: Daniel Kahn Gillmor To: Georg Faerber , notmuch@notmuchmail.org Subject: Re: Permissions of files created by notmuch In-Reply-To: <20180318033005.GX28151@debian> References: <20180318033005.GX28151@debian> Date: Sun, 18 Mar 2018 15:17:39 +0000 Message-ID: <87a7v5v2ek.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Mar 2018 18:06:04 -0000 --=-=-= Content-Type: text/plain On Sun 2018-03-18 04:30:06 +0100, Georg Faerber wrote: > I'm using notmuch 0.26-1+b2 out of Debian unstable. > The files created inside .notmuch/xapian by notmuch are group and world > readable. Is this on purpose? This seems quite suboptimal, especially > if one is using the recently introduced cleartext indexing feature.. is your mailbox itself world-readable? What is your umask? in general, i'd expect notmuch to follow umask like any other unix tool. if we wanted it to be more restrictive, maybe that's a separate use case. See also discussion at id:20180209041058.4037-1-dkg@fifthhorseman.net around whether "notmuch insert" and other tools should produce world-readable files by default. curious to hear what you think is the right choice here. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQTTaP514aqS9uSbmdJsHx7ezFD6UwUCWq6DEwAKCRBsHx7ezFD6 U+qIAQC1fJrxDhQ5OuiVclMGWUwq+Bf1wJUhu/+cwia953viJwD/dpUVHh5T+Df5 98dLH53P8blzBgwoG+DzNdVHxH6TzAk= =hvse -----END PGP SIGNATURE----- --=-=-=--