Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 14 Aug 2003 12:09:34 -0700
From:      Joshua Oreman <oremanj@get-linux.org>
To:        Antoine Jacoutot <ajacoutot@lphp.org>
Cc:        questions@freebsd.org
Subject:   Re: umask
Message-ID:  <20030814190934.GE8728@webserver>
In-Reply-To: <200308142025.18512.ajacoutot@lphp.org>
References:  <200308141542.40587.ajacoutot@lphp.org> <20030814181947.GC8728@webserver> <200308142025.18512.ajacoutot@lphp.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 14, 2003 at 08:25:15PM +0200 or thereabouts, Antoine Jacoutot wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thursday 14 August 2003 20:19, Joshua Oreman wrote:
> > 066 will be *more* secure than 022.
> 
> I know that :)
> 
> > This is because a umask is deducted from the default permission bits of 666
> > (or 777 for executables) on new files. So a umask of 022 will cause new
> > files to have a mode of 600 or 711.
> 
> Yes I know, I was just wondering why the default behaviour was not very 
> secure.
> 
> > * 077  (600 or 700 -- most secure)
> 
> So, if I set umask to 077, this is OK, right ? Is there ANY cons ?

None of the files you create, by default, will be accessible -- at all -- to
anyone but yourself. You have to watch out for this if you're running a web/ftp
server when you put files in the document root, for example.

> 
> Thanks a lot for your answer Joshua.

No trouble.

-- Josh

> 
> Antoine
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (FreeBSD)
> 
> iD8DBQE/O9QOY3Hnhkr+5cQRAnI6AJ4r4/ChIy/cDAqv2ZHrBCnDu2HotACeK5jx
> CBnqmfxoTPvdT4rZIUs8s0U=
> =sw1f
> -----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030814190934.GE8728>