From owner-freebsd-questions@FreeBSD.ORG  Thu Aug 14 12:08:07 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A0B1D37B401
	for <questions@freebsd.org>; Thu, 14 Aug 2003 12:08:07 -0700 (PDT)
Received: from webserver.get-linux.org
	(adsl-64-161-78-226.dsl.lsan03.pacbell.net [64.161.78.226])
	by mx1.FreeBSD.org (Postfix) with SMTP id ECDCA43FA3
	for <questions@freebsd.org>; Thu, 14 Aug 2003 12:08:06 -0700 (PDT)
	(envelope-from oremanj@webserver.get-linux.org)
Received: (qmail 9419 invoked by uid 1000); 14 Aug 2003 19:09:34 -0000
Date: Thu, 14 Aug 2003 12:09:34 -0700
From: Joshua Oreman <oremanj@get-linux.org>
To: Antoine Jacoutot <ajacoutot@lphp.org>
Message-ID: <20030814190934.GE8728@webserver>
References: <200308141542.40587.ajacoutot@lphp.org>
	<20030814181947.GC8728@webserver> <200308142025.18512.ajacoutot@lphp.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200308142025.18512.ajacoutot@lphp.org>
User-Agent: Mutt/1.4.1i
cc: questions@freebsd.org
Subject: Re: umask
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2003 19:08:07 -0000

On Thu, Aug 14, 2003 at 08:25:15PM +0200 or thereabouts, Antoine Jacoutot wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thursday 14 August 2003 20:19, Joshua Oreman wrote:
> > 066 will be *more* secure than 022.
> 
> I know that :)
> 
> > This is because a umask is deducted from the default permission bits of 666
> > (or 777 for executables) on new files. So a umask of 022 will cause new
> > files to have a mode of 600 or 711.
> 
> Yes I know, I was just wondering why the default behaviour was not very 
> secure.
> 
> > * 077  (600 or 700 -- most secure)
> 
> So, if I set umask to 077, this is OK, right ? Is there ANY cons ?

None of the files you create, by default, will be accessible -- at all -- to
anyone but yourself. You have to watch out for this if you're running a web/ftp
server when you put files in the document root, for example.

> 
> Thanks a lot for your answer Joshua.

No trouble.

-- Josh

> 
> Antoine
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (FreeBSD)
> 
> iD8DBQE/O9QOY3Hnhkr+5cQRAnI6AJ4r4/ChIy/cDAqv2ZHrBCnDu2HotACeK5jx
> CBnqmfxoTPvdT4rZIUs8s0U=
> =sw1f
> -----END PGP SIGNATURE-----