The umask permission combinations – HP NonStop G-Series User Manual
Page 129
2=no write permission
1=no execute permission
0=read,write, and execute permission
lists the eight possible octal values for each position of octalnumber for umask. Note
that the umask permission values are the inverse of those specified for regular permission codes.
Also note that these permission values are applied to those set by the creating program.
Table 21 The umask Permission Combinations
Description
Maximum Allowed Permissions
Octal
Number
Read, write, and execute
rwx
0
Read and write
rw-
1
Read and execute
r-x
2
Read
r--
3
Write and execute
-wx
4
Write
-w-
5
Execute
--x
6
No permissions granted
---
7
For example, if you specify a user mask of 027:
•
The owner is allowed all permissions requested by the program creating the file (0).
•
The group is allowed read and execute permission but not write permission (2).
•
The others are not allowed any permissions (7).
A good user mask value to set for your own files and directories depends upon how freely
information resources are shared on your system. The following guidelines may be useful:
•
In a very open computing environment, you might specify 000 as a user mask value, which
imposes no restrictions on file or directory access. As a result, when a program creates a file
and specifies permission codes for it, the user mask imposes no restrictions on what the creating
program has specified.
•
In a more secure computing environment, you might specify 066 as a user mask value, which
allows you total access but prevents all others from being able to read or write to your files.
As a result, when a file is created, its permissions are set to what the creating program specifies,
minus the user mask restrictions that prevent read and write access for everyone but you.
•
In a very secure computing environment, you might specify 077 as a user mask value, which
means that only you have access to your files. As a result, when a file is created, its permissions
are set to what the creating program specifies, minus the user mask restrictions that prevent
anyone else from reading, writing, or executing your files.
To show you how umask would work, suppose that you have entered the following command:
$ umask 037
This command establishes the following conditions:
•
You (the owner) are allowed all permissions.
•
Members of your group are allowed read permission but not write and execute permissions.
•
The others are not allowed any permissions.
Also, suppose that you have just created a file. By default, your text editor always assigns the
following default permissions: owners are allowed all permissions, and all others are allowed only
Setting the User Mask
129