umask

Jez Hancock jez.hancock at munk.nu
Thu Aug 14 13:46:13 PDT 2003


On Thu, Aug 14, 2003 at 09:37:46PM +0200, Antoine Jacoutot wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thursday 14 August 2003 21:12, Jez Hancock wrote:
> > Some applications require a less strict umask to install files correctly
> > with the right permissions - quite often you aren't warned about this
> > either and it can be a headache finding out which file perms are
> > incorrect.
> 
> Ah, OK... this is kind of a problem indeed.
Yes I got burnt by setting my root umask to 077 and installing a raft of
apps - real nightmare finding out which apps installed perms with dodgy
perms.

> Well, I don't know what to do anymore :)
> Maybe setting an umask of 077 only for /usr/home (using fstab) would be a good 
> start ?
The only gotcha there is with httpd access - if you decide to have apache
read documentroot folders from under /usr/home then any files your users
create in a shell won't be accessible by the www user by default.

In the end I gave up and left the default umask alone, causes more
problems than it solves in the 'prevention' vein.  umask is perhaps more
friendly when considering setting a lower umask to allow for users to
create group rwx files by default.  I've not used it that much tbh. :)

-- 
Jez

http://www.munk.nu/


More information about the freebsd-questions mailing list