Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Linux : Education - Tutorials
LPI certification 102 exam prep, Part 3
ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPreviousNext
4. Security overview
  


File permissions for user files page 4 of 21


Finally, user files are often created world-readable by default. That probably isn't the expectation of your users, and it certainly isn't the best policy. You should set the default umask in /etc/profile using something like the following:


if [ "$UID" = 0 ]; then
  # root user; set world-readable by default so that
  # installed files can be read by normal users.
  umask 022
else
  # make user files secure unless they explicitly open them
  # for reading by other users
  umask 077
fi

You should consult the umask(2) and bash(1) man pages for more information on setting the umask. Note that the umask(2) man page refers to the C function, but the information it contains applies to the bash command as well. See Part 3 of the LPI 101 series for additional details on umask.


Main menuSection menuFeedbackPreviousNext
Privacy Legal Contact