[CLUE-Tech] Directory permissions -- problems with '-w--w--w-'
Joe Linux
joelinux at earthlink.net
Wed May 22 11:58:52 MDT 2002
Okay, thanks I found this in /etc/profile:
umask 022
Then changed it to:
umask 027
What I'm looking for is the privacy of each user from all other users
except root.
What would be the appropriate "umask" to achieve that without adversly
affecting the operation of the system?
I found the following explanation:
http://www.tldp.org/HOWTO/Security-HOWTO-5.html
5.1 Umask Settings
The umask command can be used to determine the default file creation
mode on your system. It is the octal complement of the desired file
mode. If files are created without any regard to their permissions
settings, the user could inadvertently give read or write permission to
someone that should not have this permission. Typical umask settings
include 022, 027, and 077 (which is the most restrictive). Normally the
umask is set in /etc/profile, so it applies to all users on the system.
The file creation mask can be calculated by subtracting the desired
value from 777. In other words, a umask of 777 would cause newly-created
files to contain no read, write or execute permission for anyone. A mask
of 666 would cause newly-created files to have a mask of 111. For
example, you may have a line that looks like this:
# Set the user's default umask
umask 033
Be sure to make root's umask 077, which will disable read, write, and
execute permission for other users, unless explicitly changed using
chmod. In this case, newly-created directories would have 744
permissions, obtained by subtracting 033 from 777. Newly-created files
using the 033 umask would have permissions of 644.
If you are using Red Hat, and adhere to their user and group ID creation
scheme (User Private Groups), it is only necessary to use 002 for a
umask. This is due to the fact that the default configuration is one
user per group.
David Jackson wrote:
>Joe --
>The default file permission are set by umask usally in /etc/profile?
>How log does it take for perm to be changed? If it regular interval
>then theres a cron running, if it's after reboot there may be something
>in on of the rc scripts.
>
>David
>
>
>>The problem I'm having is Mandrake 8.2 is changing the permissions on
>>my "/home/user" folder without me giving permission. I set it to 770
>>and then shortly thereafter, the system changes it to 755. This is
>>not what I want, and I don't seem to be able to fix it.
>>
>
>
>
>
>_______________________________________________
>CLUE-Tech mailing list
>CLUE-Tech at clue.denver.co.us
>http://clue.denver.co.us/mailman/listinfo/clue-tech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue-tech/attachments/20020522/70b81f8d/attachment.html
More information about the clue-tech
mailing list