Default umask
When you create a file or directory, it has a default set of permissions. These default permissions are determined by the value of umask(1) in the system file /etc/profile, or in your .cshrc or .login file. By default, the system sets the permissions on a text file to 666, granting read and write permission to user, group, and others, and to 777 on a directory or executable file.
The value assigned by umask is subtracted from the default. This has the effect of denying permissions in the same way that chmod grants them. For example, while the command chmod 022 grants write permission to group and others, umask 022 denies write permission for group and others.
The table below shows some typical umask settings, and the effect on an executable file.
Table 17-3 umask Settings for Different Security Levels|
Level of Security |
umask |
Disallows |
|---|---|---|
|
Permissive (744) |
022 |
w for group and others |
|
Moderate (740) |
027 |
w for group, rwx for others |
|
Moderate (741) |
026 |
w for group, rw for others |
|
Severe (700) |
077 |
rwx for group and others |
- © 2010, Oracle Corporation and/or its affiliates