Owner's manual

2=no write permission
1=no execute permission
0=read, write, and execute permission
Table 21 lists the eight possible octal values for each position of octalnumber for umask. Note
that the umask permission values are the inverse of those specified for regular permission codes.
Also note that these permission values are applied to those set by the creating program.
Table 21 The umask Permission Combinations
Octal Number   Maximum Allowed Permissions   Description
0              rwx                           Read, write, and execute
1              rw-                           Read and write
2              r-x                           Read and execute
3              r--                           Read
4              -wx                           Write and execute
5              -w-                           Write
6              --x                           Execute
7              ---                           No permissions granted
For example, if you specify a user mask of 027:
The owner is allowed all permissions requested by the program creating the file (0).
The group is allowed read and execute permission but not write permission (2).
The others are not allowed any permissions (7).
A good user mask value to set for your own files and directories depends upon how freely
information resources are shared on your system. The following guidelines may be useful:
In a very open computing environment, you might specify 000 as a user mask value, which
imposes no restrictions on file or directory access. As a result, when a program creates a file
and specifies permission codes for it, the user mask imposes no restrictions on what the creating
program has specified.
In a more secure computing environment, you might specify 066 as a user mask value, which
allows you total access but prevents all others from being able to read or write to your files.
As a result, when a file is created, its permissions are set to what the creating program specifies,
minus the user mask restrictions that prevent read and write access for everyone but you.
In a very secure computing environment, you might specify 077 as a user mask value, which
means that only you have access to your files. As a result, when a file is created, its permissions
are set to what the creating program specifies, minus the user mask restrictions that prevent
anyone else from reading, writing, or executing your files.
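The following shell sketch is an added example, not part of the original manual. It computes "requested permissions minus the user mask" for the mask values discussed above and compares the result with what the system actually assigns to a new file and directory. The function names are illustrative, and it assumes touch requests 666 and mkdir requests 777.

```shell
#!/bin/sh
# Added example: how a user mask limits the permissions a creating program requests.
# Function names are illustrative; the sample masks are the ones discussed in this section.

# apply_umask REQUESTED MASK -> octal permissions left after the mask is applied.
# The mask can only clear bits: result = requested AND (NOT mask).
apply_umask() {
    printf '%03o\n' "$(( 0$1 & ~0$2 & 0777 ))"
}

# observed_mode MASK file|dir -> permissions the system actually assigns.
# Assumption: touch requests 666 for a new file, mkdir requests 777 for a directory.
observed_mode() (
    tmp=$(mktemp -d) || exit 1
    umask "$1"                  # body runs in a subshell: the caller's mask is untouched
    if [ "$2" = dir ]; then mkdir "$tmp/new"; else touch "$tmp/new"; fi
    # GNU stat uses -c %a, BSD stat uses -f %Lp; both print unpadded octal digits.
    mode=$(stat -c %a "$tmp/new" 2>/dev/null || stat -f %Lp "$tmp/new")
    rm -rf "$tmp"
    printf '%03d\n' "$mode"     # pad to three digits, e.g. 0 -> 000
)

# report -> one row per mask: predicted and observed modes for a file and a directory.
report() {
    printf '%-6s %-22s %-22s\n' umask 'file: want/got' 'dir: want/got'
    for mask in 000 027 066 077; do
        printf '%-6s %-22s %-22s\n' "$mask" \
            "$(apply_umask 666 "$mask")/$(observed_mode "$mask" file)" \
            "$(apply_umask 777 "$mask")/$(observed_mode "$mask" dir)"
    done
}

report
```

With a mask of 066 or 077 a new file comes out as 600 in both cases, because touch never requests execute permission; the two masks differ only for directories and for programs that request execute permission.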
To show you how umask would work, suppose that you have entered the following command:
$ umask 037
This command establishes the following conditions:
You (the owner) are allowed all permissions.
Members of your group are allowed read permission but not write and execute permissions.
The others are not allowed any permissions.
Also, suppose that you have just created a file. By default, your text editor always assigns the
following default permissions: owners are allowed all permissions, and all others are allowed only