Greg Wallace wrote:
On Thursday, April 28, 2005 @9:30 AM, Randall R Schulz wrote:
Hylton,
On Thursday 28 April 2005 08:04, Hylton Conacher (ZR1HPC) wrote:
Randall R Schulz wrote:
Erik, ........(snippee)
I've done this before on this list, but here goes...
Every time a program creates a file, it specifies a set of permission bits. If the program is a plain file, the program will usually (_usually_, not always) specify 0666 (read+write for owner, group and others). If the program is creating a directory or an executable file, it will usually use 0777 (read+write+execute for owner, group and others).
Thank you Eril and Randall. Although I knew that the umask was related to file security, I did not know how it was applied. So when the file is created the umask decreases the privileges and then only the owner, in SuSE, can change the permissions, but the umask will not affect the new permissions ie a file is created (0666), umask(022) intervenes and makes it (0644). If the user now changes the permissions to 0666 the umask does not reset the permissions.
Correct.
On _all_ Unix and Linux systems, only the owner of a file (and root) may change its mode. Having permission to write the file, e.g. (or any other permission controlled by the file modes) does not (cannot) grant non-owners the ability to change the file's mode. If you think about it for a moment, were it otherwise, you could not simultaneously allow someone to write the file without losing all control over access to it.
There are other very different permissions schemes based on the notion of "capabilities," and such systems often define the ability to alter an object's permissions as an independently grantable privilege. Some also make the ability to grant a capability as an explicitly controlled capability. Capabilities are powerful and flexible as well as often confusing and subject to unintended consequences.
[snip]
I hope it helped Erik as it certainly did help me.
I'm glad for that.
Randall Schulz
Sorry about the earlier post. I wasn't answering the question you were asking (about creating new files). If you're interested in learning more about umask, type "man umask" in a shell. Here's the first part of what comes out. If you use it it's native form (say in a script), it masks against 777. When setting default file permissions via open, it uses 666. (666&022 giving you the 644). --
snip. Hello Greg. Think it's me you want to write to ?. No reason for being sorry. I have read that about man umask, but I need to go deeper to start. I think the & is for octal, and when you write it down on a piece of paper as ones and zeros you'll get the result. Its a matter of adding/subtracting binaries ?. Erik Jakobsen