I had an install issue after hardening a server for public access because I did not realize that Aegir relied upon the default umask of 022.
My standard umask ends in a 7 making sure that no one in the "other" category can read or write my documents or settings, let alone execute them. This is something that Aegir plans for and it simply handles security differently (but the aegir system expects the aegir user to have a specific umask) -- see http://drupal.org/node/896464
I would have liked to have seen INSTALL and UPGRADE both reference the requirement of the expected umask of 022 to avoid these problems in the install/upgrade and a warning that changing the umask for the aegir user (like in a hardening process) may also break the system.
Comments
Comment #1
Anonymous (not verified) CreditAttribution: Anonymous commenteddefault umask of 022 is mentioned/recommended in INSTALL/UPGRADE.txt