Thread: umask 007
View Single Post
  #2  
Old 15th May 2008, 20:00
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Quote:
Originally Posted by Shella
Hi all, i tried to follow instruction to make an hardening on CentOs 5.1 with Bastille.
In the tutorial is suggested to set the umask as 007. Can please somebody explain me the advantages setting this umask in this way please?
If i understood it's work so:

if a file have permission like 0777, with the umask 007 i have back a permission like 770.... right?
Yes, when you upload a file via FTP, it will have 770 permissions. The umask has no effect on existing files.

Quote:
Originally Posted by Shella
If so... why it's suggested to set umask in this way?
770 means that the owner and the group have all permissions for that file, but everyone else has no permissions at all (not even read permissions) - it's a security measure.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote