umask

Joshua Oreman oremanj at get-linux.org
Thu Aug 14 12:08:07 PDT 2003


On Thu, Aug 14, 2003 at 08:25:15PM +0200 or thereabouts, Antoine Jacoutot wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thursday 14 August 2003 20:19, Joshua Oreman wrote:
> > 066 will be *more* secure than 022.
> 
> I know that :)
> 
> > This is because a umask is deducted from the default permission bits of 666
> > (or 777 for executables) on new files. So a umask of 022 will cause new
> > files to have a mode of 600 or 711.
> 
> Yes I know, I was just wondering why the default behaviour was not very 
> secure.
> 
> > * 077  (600 or 700 -- most secure)
> 
> So, if I set umask to 077, this is OK, right ? Is there ANY cons ?

None of the files you create, by default, will be accessible -- at all -- to
anyone but yourself. You have to watch out for this if you're running a web/ftp
server when you put files in the document root, for example.

> 
> Thanks a lot for your answer Joshua.

No trouble.

-- Josh

> 
> Antoine
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (FreeBSD)
> 
> iD8DBQE/O9QOY3Hnhkr+5cQRAnI6AJ4r4/ChIy/cDAqv2ZHrBCnDu2HotACeK5jx
> CBnqmfxoTPvdT4rZIUs8s0U=
> =sw1f
> -----END PGP SIGNATURE-----


More information about the freebsd-questions mailing list