Bruce Dubbs wrote: > Jeremy Huntwork wrote: > >>Hey Guys: >> >>It's very possible that I'm misunderstanding something here, but I have >>a question. In the Bash Shell Startup Files section, where we use the >>umask script, there is this note: >> >>Setting the umask value is important for security. Here the default >>group write permissions are turned off for system users and when the >>user name and group name *are not* the same. >> >>However, if I'm reading the script correctly, this actually happens when >>the user and group name *are* the same and it's an id above 99: >> >>if [ "$(id -gn)" = "$(id -un)" -a $EUID -gt 99 ] ; then >> umask 002 > > > I went back and reviewed the page. You left off the else. The full > text is: > > Setting the umask value is important for security. Here the default > group write permissions are turned off for system users and when the > user name and group name are not the same. > > # By default we want the umask to get set. > if [ "$(id -gn)" = "$(id -un)" -a $EUID -gt 99 ] ; then > umask 002 > else > umask 022 > fi > > would it make more sense to you if we reversed the if: > > if [ "$(id -gn)" != "$(id -un)" -o $EUID -lt 100 ] ; then > umask 022 > else > umask 022 > fi > > The two expressions are equivilent. > > -- Bruce
Arg.. That should be if [ "$(id -gn)" != "$(id -un)" -o $EUID -lt 100 ] ; then umask 022 else umask 002 # change here fi -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
