umask configration in unix


Ksh and umask -S

The Korn shell has a nice feature with its built-in umask command. The -S option is used to symbolically—rather than numerically—display the user’s umask. For example
% sh
% umask
0027
% ksh
% umask
0027
% umask -S
u=rwx,g=rx,o=
%

Default File Permissions and umask

Permissions for files that are created with commands such as vi, cp, or touch or with shell redirection are determined by applying the process’s umask value to the initial value 666. This is illustrated in the following example.
% umask
0027
% touch
test
% ls -ld test
-rw-r—– 1 pete staff 0 Oct 1 07:17 test
%
In this example, the file’s permissions can be calculated as 666 (initial value) less 027 (umask) equals 640 (the file’s permissions).

Root User umask

I recommend that root’s umask be set to 077 or 027. This will result in any file created by root being not readable or writable by others.

Default Directory Permissions and umask

Permissions for directories created with commands such as mkdir are determined by applying the process’s umask value to the initial value 777. The following example illustrates this.
% umask
0027
% mkdir
test
% ls -la test
-rwxr-x— 2 test staff 0 Sep 1 17:10 test
%
In this example, the directory’s permissions are calculated as 777 (initial value) less 027 (umask), giving 750 (the directory’s permissions).

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA *