umask?
akonstam at trinity.edu
akonstam at trinity.edu
Tue Aug 23 20:59:49 UTC 2005
On Tue, Aug 23, 2005 at 11:37:30AM -0500, Jay Paulson wrote:
> I have been messing around with file permissions on my SuSE box and
> found that the umask needs to be changed in order for files that are
> created in a directory to have group writable permission on them,
> otherwise they are set to not writable for the group. However, in my
> search to find an explanation of how umask works with all the different
> ways you can set it (022, 002, 0022, 0002, and more I'm sure) I haven't
> found anything that really explain what it does. Therefore, I'm a
> little bit lost on what to do.
>
> Can anyone point me to a good resource for umask?
>
> When you set the umask can you set it for a certain directory and it's
> sub directories or is it system wide?
>
> Are there any security risks for setting the umask to 002? (Whatever
> that actually does :-] )
>
> Thanks for any help!
> jay
umask is part of the shell. The umask says that the maximum
permission that a file created in a directory can have is the 8s
compliment of the umask argument.
Examples: umask 000 -> file can have any permissions up to 777
umask 022 -> files can not be more secure than 755 or
if you don't do anything special the files
will be 755.
-- Now if the argument has four digits such as 0022 as far as I can
tell that has to be 0. There once was a use for it but it seems to
have evaporated. I am not certain about this
Let me restate this using the words of Unix System Administrators
Handbook By E. Nemeth , et al
The umask argument is a 3 digit octal code that represents the
permissions to take away. 022 takes the w permission away from group
and world. When a file is created the permissions are set to whatever
the creating permissions asks for minus whatever umask forbids.
Maybe this is a clearer way to explain this.
=======================================================================
Deprive a mirror of its silver and even the Czar won't see his face.
-------------------------------------------
Aaron Konstam
Computer Science
Trinity University
telephone: (210)-999-7484
More information about the users
mailing list