[WNYLUG-Users] Changing my default umask

Joe josephj at main.nc.us
Tue Aug 30 15:55:44 EDT 2011


Thanks.  That's exactly what I was looking for.

Joe

On 08/30/2011 08:54 AM, Darin Perusich wrote:
> The default umask on every unix/linux system is 022, even the secure
> by default OpenBSD. While I can't provide an answer as to why that's
> the default, it more than likely has something to do with the fact that
> unix/linux systems are multi-user systems. Technically there is no
> problem with setting "your" umask to 077 and if the system truly is a
> single-user system then it won't inconvenience anyone.
>
> If you opt to set the default umask for the whole system, edit
> /etc/login.defs, to something other than 022 then you should
> *explicitly* set root's umask to 022. Not doing this will affect and
> set improper permissions on files/dirs created when software is
> installed, scripts are run, etc, which are meant to have particular
> permissions and will render them unreadable and inaccessible to normal
> users.
>
> When a user needs to traverse a directory structure they need the
> execute (x) bit set and to read/view its contents the read (r) bit
> must be set. The write (w) bit does not need to be set on a directory
> for a user to modify a file within but the group write bit must be set
> on the file and the user be a member of said group. It is required for
> the user to create new files/dirs within said directory.
>
> --
> Later,
> Darin
>
>
>
> On Mon, Aug 29, 2011 at 7:47 PM, Joe <josephj at main.nc.us> wrote:
>> When I create files and directories under my user, I expect that they are
>> private to me and not accessible by others unless I explicitly share them.
>>
>> The default umask for kubuntu (and for a bunch of other distros) seems to be
>> 0022 which yields -rw-r--r-- for files and rwxr-xr-x for directories and
>> lets the whole world (if they can access my machine at all) read my stuff.
>>
>> Why is that the default?
>>
>> Is there any problem with setting umask globally to 0077 which yields
>> -rw------- for files and -rwx------ for directories?
>>
>> Why wouldn't most people want it that way to start with?  Am I missing
>> something?
>>
>
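
The modes discussed in this thread can be checked directly. The script below is an added example, not part of either message; its function names are hypothetical and it only writes inside temporary directories made with mktemp. It also lists files that "other" can read, since changing the umask affects only files created afterwards.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Works in throwaway temp dirs.

# Octal permission bits of a path (GNU stat, with a BSD stat fallback).
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# modes_under MASK: create one file and one directory under MASK and print
# "FILEMODE DIRMODE". The ( ) body is a subshell, so the caller's umask
# is left untouched.
modes_under() (
    tmp=$(mktemp -d) || exit 1
    umask "$1"
    : > "$tmp/file"      # files are requested as 666, minus the mask bits
    mkdir "$tmp/dir"     # directories are requested as 777, minus the mask bits
    echo "$(perm_of "$tmp/file") $(perm_of "$tmp/dir")"
    rm -rf "$tmp"
)

# exposed_files DIR: list regular files under DIR whose mode lets "other" read.
# Existing files keep their old mode after a umask change, so they need
# this kind of check (and a chmod) separately.
exposed_files() {
    find "$1" -type f -perm -004 -print
}

# Constructed demo: one file written under each mask, then audited.
# Prints the basename of every world-readable file it finds.
demo() (
    d=$(mktemp -d) || exit 1
    ( umask 022; : > "$d/shared.txt" )
    ( umask 077; : > "$d/private.txt" )
    exposed_files "$d" | sed 's|.*/||'
    rm -rf "$d"
)

echo "umask 022 -> $(modes_under 022)"
echo "umask 077 -> $(modes_under 077)"
echo "world-readable in demo dir: $(demo)"
```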



