Kevan, On Wednesday 02 March 2005 14:29, Kevanf1 wrote:
On Wed, 2 Mar 2005 09:03:25 -0800, Randall R Schulz <rschulz@sonic.net> wrote:
Chris,
On Wednesday 02 March 2005 08:45, Chris Carlen wrote:
Kevanf1 wrote:
...
Change your global umask to 000 and see how secure your system is. Will Linux stop you?
Actually I think I meant 777. The umask is NANDed with octal 777 in order to determine the default permissions used to create files.
The mode assigned to a file is that supplied by the program AND-ed with the negation of the umask. NAND (bitwise or otherwise) is usually interpreted as negating after AND-ing its inputs, which isn't what's happening with file modes.
No, you had it right the first time. A umask of 0 is least secure, in that most newly created files end up with mode 666 (rw-rw-rw-) or 777 (rwxrwxrwx).
...
Good day!
Randall Schulz
Ah ha :-) I now have a basic grasp of the umask subject. Thanks guys. I am right in assuming the three groupings correspond to owner - group - others ? So that rw_rw_r__ would give read write access to both user and group but only read to others?
Yes, that's right. Next check out how directories are special w.r.t. interpretation of modes and then learn about access groups.
Kevan Farmer
Randall Schulz