Umask

From UMIACS
Revision as of 18:44, 16 June 2008 by Derek (talk | contribs)
Jump to navigation Jump to search

umask is the way the UNIX operating system determines what default permissions that files and directories are created with.

The mask itself is applied as a bitwise AND operation then a bitwise NOT of that with the default full access mode permisions.

Directories full access is 666 and files it is 777.

The three popular umasks are 022, 002 and 000.

022

This as the example shows above that you will get full rwx for the user, r-x for the group and r-x for other. This is the default in almost all of our operating systems. 

        777  111 111 111
AND NOT 022  111 101 101   
      = 755  111 101 101

002

This would give full rwx for the user, full rwx for the group and give only r-x for other. This is helpful when you want your default group (or a SetGID directory) to have full control over the files and directories you create while allowing everyone else read and execute permissions. 

        777  111 111 111
AND NOT 002  111 111 101   
      = 775  111 111 101

007

This will give the user and group full rwx permissions and give other no permissions. 

        777  111 111 111
AND NOT 007  111 111 000   
      = 770  111 111 000

000

Please never use this umask as it will give full control to user, group and other. In other words it makes the directory or file world read, write and executable and can be a large security risk to you and your colleagues.


Setting umask

To set your umask most shells allow you to just run the umask command with the mode that you want to set. This however unless done in your shell initialization scripts (eg, .cshrc or .bash_profile, etc..) will only take effect for your current shell. You may put the same line in your shell initialization scripts as seen here, 

[derek@novelty ~]$ cat .cshrc 
setenv EDITOR vim
umask 002
Retrieved from "https://wiki.umiacs.umd.edu/umiacs/index.php?title=Umask&oldid=2005"