[CLUE-Tech] Directory permissions -- problems with '-w--w--w-'

David Jackson david.j.jackson at pickledbeans.com
Wed May 22 12:21:32 MDT 2002


Remember umask works in reverse:

rwx-rwx-rwx = 777
umask         022
------------------
file perms =  755

 777
-027
-----
 750

What a lot of systems do is create a group for each user by 
default, so my user and group would be davej.

But can't hide from root, that I know of.
As the thread I pointed you to explains, the same perms on
a directory mean something different on a file...but
then again, that's Unix for you.

david


> Okay, thanks I found this in /etc/profile:
> 
> umask 022
> 
> Then changed it to:
> 
> umask 027
> 
> What I'm looking for is the privacy of each user from all other users 
> except root.
> 
> What would be the appropriate "umask" to achieve that without adversely 
> affecting the operation of the system?
> 
> I found the following explanation:
> 
> http://www.tldp.org/HOWTO/Security-HOWTO-5.html
> 
> 
>    5.1 Umask Settings
> 
> The umask command can be used to determine the default file creation 
> mode on your system. It is the octal complement of the desired file 
> mode. If files are created without any regard to their permissions 
> settings, the user could inadvertently give read or write permission to
> someone that should not have this permission. Typical umask settings 
> include 022, 027, and 077 (which is the most restrictive). Normally the
> umask is set in /etc/profile, so it applies to all users on the
> system. The file creation mask can be calculated by subtracting the
> desired value from 777. In other words, a umask of 777 would cause
> newly-created files to contain no read, write or execute permission
> for anyone. A mask of 666 would cause newly-created files to have a
> mask of 111. For example, you may have a line that looks like this:
> 
>                # Set the user's default umask
>                umask 033
> 
> Be sure to make root's umask 077, which will disable read, write, and 
> execute permission for other users, unless explicitly changed using 
> chmod. In this case, newly-created directories would have 744 
> permissions, obtained by subtracting 033 from 777. Newly-created files 
> using the 033 umask would have permissions of 644.
> 
> If you are using Red Hat, and adhere to their user and group ID
> creation scheme (User Private Groups), it is only necessary to use 002
> for a umask. This is due to the fact that the default configuration is
> one user per group.
> 
> 
> 
> 
> David Jackson wrote:
> 
>>Joe --
>>The default file permissions are set by umask, usually in /etc/profile?
>>How long does it take for the perms to be changed? If it's a regular interval
>>then there's a cron running, if it's after reboot there may be something
>>in one of the rc scripts.
>>
>>David
>>
>>
>>>The problem I'm having is Mandrake 8.2 is changing the permissions on
>>>my "/home/user" folder without me giving permission. I set it to 770
>>>and then shortly thereafter, the system changes it to 755. This is
>>>not what I want, and I don't seem to be able to fix it.
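
Added example, not part of the original thread (function names are made up here, and GNU `stat -c` is assumed): these shell functions create a file and a directory under each umask mentioned above and compare the observed modes with base AND NOT umask, where the base is 666 for files and 777 for directories. The 033 case shows that the result is a bit mask, since plain subtraction from 666 would not give 644.

```shell
#!/bin/sh
# Added example: compare predicted and observed modes for new files/directories.
# Assumes GNU coreutils (stat -c '%a'); function names are hypothetical.

# predict_modes UMASK -> "FILEMODE DIRMODE", computed as base AND NOT umask.
# Files start from 666 (no execute bits), directories from 777.
predict_modes() {
    printf '%o %o\n' $(( 0666 & ~0$1 )) $(( 0777 & ~0$1 ))
}

# observe_modes UMASK -> "FILEMODE DIRMODE", as actually assigned on creation.
# Runs in a subshell so the caller's umask is left unchanged.
observe_modes() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        : > "$tmp/newfile"
        mkdir "$tmp/newdir"
        printf '%s %s\n' "$(stat -c '%a' "$tmp/newfile")" \
                         "$(stat -c '%a' "$tmp/newdir")"
        rm -rf "$tmp"
    )
}

# others_locked_out MODE -> succeeds when the last octal digit is 0,
# i.e. users outside the owner and group have no permission bits at all.
others_locked_out() {
    case $1 in *0) return 0 ;; *) return 1 ;; esac
}

for mask in 022 027 077 033; do
    set -- $(observe_modes "$mask")
    if others_locked_out "$2"; then
        note="others: no access"
    else
        note="others: some access"
    fi
    printf 'umask %s  predicted %s  observed %s %s  (%s)\n' \
        "$mask" "$(predict_modes "$mask")" "$1" "$2" "$note"
done
```

Of the masks discussed in the thread, only 077 leaves both group and others with no bits on new files and directories. A umask affects only files and directories created after it is set, not existing ones.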

