umask
Joshua Oreman
oremanj at get-linux.org
Thu Aug 14 12:08:07 PDT 2003
On Thu, Aug 14, 2003 at 08:25:15PM +0200 or thereabouts, Antoine Jacoutot wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thursday 14 August 2003 20:19, Joshua Oreman wrote:
> > 066 will be *more* secure than 022.
>
> I know that :)
>
> > This is because a umask is deducted from the default permission bits of 666
> > (or 777 for executables) on new files. So a umask of 022 will cause new
> > files to have a mode of 600 or 711.
>
> Yes I know, I was just wondering why the default behaviour was not very
> secure.
>
> > * 077 (600 or 700 -- most secure)
>
> So, if I set umask to 077, this is OK, right ? Is there ANY cons ?
None of the files you create, by default, will be accessible -- at all -- to
anyone but yourself. You have to watch out for this if you're running a web/ftp
server when you put files in the document root, for example.
>
> Thanks a lot for your answer Joshua.
No trouble.
-- Josh
>
> Antoine
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (FreeBSD)
>
> iD8DBQE/O9QOY3Hnhkr+5cQRAnI6AJ4r4/ChIy/cDAqv2ZHrBCnDu2HotACeK5jx
> CBnqmfxoTPvdT4rZIUs8s0U=
> =sw1f
> -----END PGP SIGNATURE-----
More information about the freebsd-questions
mailing list