You do not have to. I've been trying to tell you all that umask is already set by default. Screwing around with umask passed that is a recipe for disaster. Unless you know exactly what you're doing, and then you do not need to listen to me.
Again, it was a terrible idea to even bring up umask, as such now every newb is going to be screwing around with, and the person who brought it up should be "held liable" for damages. Then we'll see how often people here start giving advice willy nilly . . . william@beaglebone:~$ cat /etc/login.defs |more . . . # UMASK is the default umask value for pam_umask and is used by # useradd and newusers to set the mode of the new home directories. # 022 is the "historical" value in Debian for UMASK # 027, or even 077, could be considered better for privacy # There is no One True Answer here : each sysadmin must make up his/her # mind. # # Prefix these values with "0" to get octal, "0x" to get hexadecimal. # ERASECHAR 0177 KILLCHAR 025 UMASK 022 . . . On Sat, Mar 26, 2016 at 12:12 AM, John Syne <[email protected]> wrote: > Strange. I’m not sure there is a way to not use umask. With umask=022, the > purpose is to set the default permission for newly created files or > directories, so only the owner has write permissions. How is that a > security flaw? I guess you can always make umask=000, but then you are > enabling everyone write permissions as the default and that is a security > flaw. > > Regards, > John > > > > > On Mar 25, 2016, at 11:49 PM, William Hermans <[email protected]> wrote: > > I think it should be pretty clear, and if this is not abundantly clear to > new users. **DO NOT USE umask* *Period. good bye, the end. > > One should leave the default settings and instead work with the system as > intended. Instead of creating a serious potential security hole. > > On Fri, Mar 25, 2016 at 10:27 PM, John Syne <[email protected]> wrote: > >> Hi Mike, >> >> The way I think about this is umask turns off permission, which means >> that the execute permission is provided by gcc. >> >> For example: >> >> MBPR:~ john$ umask >> 0022 >> MBPR:~ john $ touch test >> MBPR:~ john $ ls -la test >> -rw-r--r-- 1 john staff 0 Mar 25 22:15 test >> MBPR:~ john $ gcc -Wall -o hello hello.c >> MBPR:~ john $ ls -la hello >> -rwxr-xr-x 1 john staff 8432 Mar 25 22:17 hello >> >> >> As you can see, 022 is turning off “group" write and “other" write >> permissions. So normally, touch would provide 0666, but when umask is 022, >> permission is anded with the inverse of umask, which provides 0644. So gcc >> would create a file with 0777 if umask was 000. >> >> Regards, >> John >> >> >> >> >> On Mar 25, 2016, at 5:30 PM, Mike <[email protected]> wrote: >> >> On 03/25/2016 08:11 PM, William Hermans wrote: >> >> Im guessing that perhaps gcc's -o option now days enables the executable >> bit on the output file ? I haven't looked into that however. >> >> Nothing at all to do with gcc, reread what I already posted... >> >> Mike >> >> >> On Fri, Mar 25, 2016 at 5:08 PM, William Hermans <[email protected]> >> wrote: >> >>> No, Mike is absolutely correct. dot's meaning in this context is current >>> directory, and slash is just a path modifier / separator. Putting the file >>> in ones $PATH would solve the "problem" of having to use dot slash I've >>> know this forever, I do not know why I was thinking that chmod +x would >>> solve that "issue", because it wont. >>> >>> I do recall at some point perhaps not too long ago that changing file >>> permissions to executable was required. But now days this does not seem to >>> be the case . . . I've always in the last several years use ./executable >>> until I put the executable into my local path . . . >>> >>> On Fri, Mar 25, 2016 at 2:19 PM, Mike < <[email protected]> >>> [email protected]> wrote: >>> >>>> On 03/25/2016 02:03 PM, William Hermans wrote: >>>> >>>> No chmod needed *IF* you precede the command with a dot slash "./". So >>>> when you run a regular Linux command do you have to type this dot slash ? >>>> No because chmod +x is run on the executable at some point . . . >>>> >>>> So be nice to fellow group users who actually know what they're talking >>>> about, and have been on this list a lot longer than you. >>>> >>>> Maybe we need to learn what ./ does... It has absolutely nothing to do >>>> with a files permissions or whether it's executable or not. It's use is >>>> regarding the lack of the current directory "." in one's PATH variable. >>>> Umask is (largely) what controls what permissions a file is created with. >>>> >>>> mike@pride-n-joy:~/test.d$ ls -al >>>> total 12 >>>> drwxr-xr-x 2 mike mike 4096 Mar 25 17:07 . >>>> drwxr-xr-x 37 mike mike 4096 Mar 25 16:46 .. >>>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>>> mike@pride-n-joy:~/test.d$ umask >>>> 0022 >>>> mike@pride-n-joy:~/test.d$ gcc -Wall -o hello hello.c >>>> mike@pride-n-joy:~/test.d$ ls -l >>>> total 12 >>>> -rwxr-xr-x 1 mike mike 6696 Mar 25 17:08 hello >>>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>>> mike@pride-n-joy:~/test.d$ hello >>>> bash: hello: command not found >>>> mike@pride-n-joy:~/test.d$ ./hello >>>> Hello, world! >>>> mike@pride-n-joy:~/test.d$ umask 0137 >>>> mike@pride-n-joy:~/test.d$ gcc -Wall -o hello hello.c >>>> mike@pride-n-joy:~/test.d$ ls -l >>>> total 12 >>>> -rw-r----- 1 mike mike 6696 Mar 25 17:09 hello >>>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>>> mike@pride-n-joy:~/test.d$ hello >>>> bash: hello: command not found >>>> mike@pride-n-joy:~/test.d$ ./hello >>>> bash: ./hello: Permission denied >>>> mike@pride-n-joy:~/test.d$ ls -l >>>> total 12 >>>> -rw-r----- 1 mike mike 6696 Mar 25 17:09 hello >>>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>>> mike@pride-n-joy:~/test.d$ chmod 0750 hello >>>> mike@pride-n-joy:~/test.d$ ls -l >>>> total 12 >>>> -rwxr-x--- 1 mike mike 6696 Mar 25 17:09 hello >>>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>>> mike@pride-n-joy:~/test.d$ ./hello >>>> Hello, world! >>>> mike@pride-n-joy:~/test.d$ umask 022 >>>> mike@pride-n-joy:~/test.d$ umask >>>> 0022 >>>> mike@pride-n-joy:~/test.d$ >>>> >>>> Mike >>>> >>>> >>>> On Fri, Mar 25, 2016 at 8:53 AM, Dieter Wirz < <[email protected]> >>>> [email protected]> wrote: >>>> >>>>> On Fri, Mar 25, 2016 at 3:57 PM, Graham Haddock < >>>>> <[email protected]>[email protected]> wrote: >>>>> > Yes. >>>>> > sudo chmod 755 myprogram >>>>> > or >>>>> > sudo chmod 755 myprogram.o >>>>> > >>>>> Graham, please do not tell fairy tails on this list! >>>>> >>>>> $ echo '#include <stdio.h>' > hello.c >>>>> $ echo 'int main (void) { printf ("Hello, world!\n"); return 0; }' >>>>> >> hello.c >>>>> $ cat hello.c >>>>> #include <stdio.h> >>>>> int main (void) { printf ("Hello, world!\n"); return 0; } >>>>> $ gcc -Wall -o hello hello.c >>>>> $ ./hello >>>>> Hello, world! >>>>> $ ls -l >>>>> total 12 >>>>> -rwxrwxr-x 1 dw dw 7332 Mar 25 16:32 hello >>>>> -rw-rw-r-- 1 dw dw 80 Mar 25 16:31 hello.c >>>>> $ >>>>> >>>>> No chmod needed, no myprogram.o there, why the sudo???? >>>>> >>>> >>>> -- >>>> For more options, visit <http://beagleboard.org/discuss> >>>> http://beagleboard.org/discuss >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "BeagleBoard" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to <[email protected]> >>>> [email protected]. >>>> For more options, visit <https://groups.google.com/d/optout> >>>> https://groups.google.com/d/optout. >>>> >>> >>> >> -- >> For more options, visit http://beagleboard.org/discuss >> --- >> You received this message because you are subscribed to the Google Groups >> "BeagleBoard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> >> >> >> -- >> For more options, visit http://beagleboard.org/discuss >> --- >> You received this message because you are subscribed to the Google Groups >> "BeagleBoard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> >> >> >> -- >> For more options, visit http://beagleboard.org/discuss >> --- >> You received this message because you are subscribed to the Google Groups >> "BeagleBoard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > > > -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
