Umask
(Proper usage) |
|||
(2 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
umask xxx | umask xxx | ||
− | where xxx is the inverse of the [[numeric_permissions]] that you want the file to have. To clarify: you have to subtract your [[umask]] value from 777 to get the umask value that will | + | where xxx is the inverse of the [[numeric_permissions]] that you want the file to have. To clarify: you have to subtract your [[umask]] value from 777 to get the umask value that will give you the permissions you want. |
If you set a umask of 027 | If you set a umask of 027 | ||
Line 9: | Line 9: | ||
Which means your default files will be created with -rwxr-x--- permissions. | Which means your default files will be created with -rwxr-x--- permissions. | ||
+ | |||
+ | ==Proper usage== | ||
+ | |||
+ | The first digit should always be 0. This allows you, the file owner, full rwx permissions for the files you create. | ||
+ | |||
+ | The third digit should be one of 2, 3, 6, 7. These give other people permissions of r-x, r--, --x, or ---. (avoiding write permission) If you have web pages in your home directory, be sure to consider the affect your choice will have. Setting an [[ACL]] may be useful. | ||
+ | |||
+ | The second digit should match the third digit if your [[group]] is shared with other people. In this case, other people are considered to be potentially hostile. If you have a group all to yourself, probably with the same name as your username, then you should make the second digit match the first digit. In this case, called user-private groups, [[SysV]]-style group inheritance on directories (not available on all BSD systems) can be used to make shared project permissions easier to deal with. | ||
+ | |||
+ | [[Category:System Commands]] [[Category:FreeBSD Terminology]] |
Latest revision as of 01:07, 25 November 2005
umask defines what permissions files are given when you create them. The umask is set in your .profile (or shell profile, like .cshrc or .bashrc, etc) and will be set with the simple line (just like you would give on the command line):
umask xxx
where xxx is the inverse of the numeric_permissions that you want the file to have. To clarify: you have to subtract your umask value from 777 to get the umask value that will give you the permissions you want.
If you set a umask of 027 and then subtract it from 777 means your files have a default permission of 750
Which means your default files will be created with -rwxr-x--- permissions.
[edit] Proper usage
The first digit should always be 0. This allows you, the file owner, full rwx permissions for the files you create.
The third digit should be one of 2, 3, 6, 7. These give other people permissions of r-x, r--, --x, or ---. (avoiding write permission) If you have web pages in your home directory, be sure to consider the affect your choice will have. Setting an ACL may be useful.
The second digit should match the third digit if your group is shared with other people. In this case, other people are considered to be potentially hostile. If you have a group all to yourself, probably with the same name as your username, then you should make the second digit match the first digit. In this case, called user-private groups, SysV-style group inheritance on directories (not available on all BSD systems) can be used to make shared project permissions easier to deal with.