Changing default UMASK for all daemons

Dax Kelson (dkelson@INCONNECT.COM)
Fri, 13 Jun 1997 23:50:18 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rusty Conover: "Netscape Exploit... with technical details."
Previous message: Todd C. Miller: "Re: rshd gives away usernames"
Next in thread: Joe Traister: "Re: Changing default UMASK for all daemons"

This is applicable regarding files created by syslog, ftpd, etc.

Dax Kelson
Internet Connect, Inc.

This is from the Solaris 2.x FAQ:
http://www.wins.uva.nl/pub/solaris/solaris2/

3.48) How can I prevent daemons from creating mode 666 files?

By default, all daemons inherit the umask 0 from init. This is most
problematic for a service like ftp, which in a standard configuration
leaves all uploaded files with mode 666.

To get daemons to use another umask execute the following commands in
/bin/sh and reboot:

umask 022 # make sure umask.sh gets created with the proper mode
echo "umask 022" > /etc/init.d/umask.sh
for d in /etc/rc?.d
do
ln /etc/init.d/umask.sh $d/S00umask.sh
done

Note: the trailing ".sh" of the scriptname is important, if you don't
specify it, the script will will be executed in a sub-shell, not in the
main shell that executes all other scripts.

Next message: Rusty Conover: "Netscape Exploit... with technical details."
Previous message: Todd C. Miller: "Re: rshd gives away usernames"
Next in thread: Joe Traister: "Re: Changing default UMASK for all daemons"