Rehashing My File Permissions Understanding(or lack of it)

Mark Sargent powderkeg at snow.email.ne.jp
Wed Aug 31 08:40:07 UTC 2005


Paul Howarth wrote:

> Jay Paulson wrote:
>
>> I was under the impression that changing the umask was a possible 
>> security risk.  Am I correct in thinking that?
>
>
> Possibly, possibly not. Using a umask of 002 instead of 022 is 
> something that Red Hat/Fedora specifically cater for. What this means 
> is that woth a umask of 002, files are created with group write 
> permissions by default, so if your default group is shared with a 
> number of other people then they will be able to write to your files 
> by default. However, in Red Hat/Fedora, every new user is created with 
> their own group by default, which isn't shared with any other user. So 
> enabling group write permission isn't a big issue. What this then lets 
> you do is to create a separate group for shared data, and then 
> everyone's default umask being 002 (if set that way) then makes it 
> easy for all members to create and edit files with this shared groupid.
>
> Paul.
>
Hi All,

so, in theory, if there were a way to set a umask specifically for a 
certain group, it'd be great. For example; when user xman, who is a 
member of say, share2 group, creates a new file in a particular dir, the 
new file would be writable by all within that same group. Would that 
just make things too messy, OR, am I just not getting it.? Cheers.

Mark Sargent.




More information about the users mailing list