Re: [SLE] Alert

• Previous message: Colin Carter: "Re: [SLE] Interesting review of SuSE 9.3"
• In reply to: Greg Wallace: "RE: [SLE] Alert"
• Next in thread: Greg Wallace: "RE: [SLE] Alert"
• Reply: Greg Wallace: "RE: [SLE] Alert"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 29 Apr 2005 05:43:55 +0200
To: suse-linux-e@suse.com

Greg Wallace wrote:
>On Thursday, April 28, 2005 @9:30 AM, Randall R Schulz wrote:
>
>>Hylton,
>>
>
>
>>On Thursday 28 April 2005 08:04, Hylton Conacher (ZR1HPC) wrote:
>>
>>>Randall R Schulz wrote:
>>>
>>>>Erik,
>>>>........(snippee)
>>>>
>>>>I've done this before on this list, but here goes...
>>>>
>>>>Every time a program creates a file, it specifies a set of
>>>>permission bits. If the program is a plain file, the program will
>>>>usually (_usually_, not always) specify 0666 (read+write for owner,
>>>>group and others). If the program is creating a directory or an
>>>>executable file, it will usually use 0777 (read+write+execute for
>>>>owner, group and others).
>>>>
>>>Thank you Eril and Randall. Although I knew that the umask was
>>>related to file security, I did not know how it was applied. So when
>>>the file is created the umask decreases the privileges and then only
>>>the owner, in SuSE, can change the permissions, but the umask will
>>>not affect the new permissions ie a file is created (0666),
>>>umask(022) intervenes and makes it (0644). If the user now changes
>>>the permissions to 0666 the umask does not reset the permissions.
>>>
>
>
>>Correct.
>>
>
>
>>On _all_ Unix and Linux systems, only the owner of a file (and root) may
>>change its mode. Having permission to write the file, e.g. (or any
>>other permission controlled by the file modes) does not (cannot) grant
>>non-owners the ability to change the file's mode. If you think about it
>>for a moment, were it otherwise, you could not simultaneously allow
>>someone to write the file without losing all control over access to it.
>>
>>There are other very different permissions schemes based on the notion
>>of "capabilities," and such systems often define the ability to alter
>>an object's permissions as an independently grantable privilege. Some
>>also make the ability to grant a capability as an explicitly controlled
>>capability. Capabilities are powerful and flexible as well as often
>>confusing and subject to unintended consequences.
>>
>
>
>
>>>[snip]
>>>
>>>I hope it helped Erik as it certainly did help me.
>>>
>
>
>
>>I'm glad for that.
>>
>
>
>
>>Randall Schulz
>>
>
>Sorry about the earlier post. I wasn't answering the question you were
>asking (about creating new files). If you're interested in learning more
>about umask, type "man umask" in a shell. Here's the first part of what
>comes out. If you use it it's native form (say in a script), it masks
>against 777. When setting default file permissions via open, it uses 666.
>(666&022 giving you the 644). --
>
>
snip.

Hello Greg. Think it's me you want to write to ?. No reason for being
sorry. I have read
that about man umask, but I need to go deeper to start. I think the & is
for octal, and when
you write it down on a piece of paper as ones and zeros you'll get the
result. Its a matter
of adding/subtracting binaries ?.

Erik Jakobsen

-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com

• Previous message: Colin Carter: "Re: [SLE] Interesting review of SuSE 9.3"
• In reply to: Greg Wallace: "RE: [SLE] Alert"
• Next in thread: Greg Wallace: "RE: [SLE] Alert"
• Reply: Greg Wallace: "RE: [SLE] Alert"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]