[4683] in bugtraq
Changing default UMASK for all daemons
daemon@ATHENA.MIT.EDU (Dax Kelson)
Sat Jun 14 05:56:50 1997
Date: Fri, 13 Jun 1997 23:50:18 -0600
Reply-To: Dax Kelson <dkelson@INCONNECT.COM>
From: Dax Kelson <dkelson@INCONNECT.COM>
To: BUGTRAQ@NETSPACE.ORG
This is applicable regarding files created by syslog, ftpd, etc.
Dax Kelson
Internet Connect, Inc.
This is from the Solaris 2.x FAQ:
http://www.wins.uva.nl/pub/solaris/solaris2/
3.48) How can I prevent daemons from creating mode 666 files?
By default, all daemons inherit the umask 0 from init. This is most
problematic for a service like ftp, which in a standard configuration
leaves all uploaded files with mode 666.
To get daemons to use another umask execute the following commands in
/bin/sh and reboot:
umask 022 # make sure umask.sh gets created with the proper mode
echo "umask 022" > /etc/init.d/umask.sh
for d in /etc/rc?.d
do
ln /etc/init.d/umask.sh $d/S00umask.sh
done
Note: the trailing ".sh" of the scriptname is important, if you don't
specify it, the script will will be executed in a sub-shell, not in the
main shell that executes all other scripts.
