LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-08-2005, 02:42 PM   #1
bmorel
LQ Newbie
 
Registered: Mar 2005
Location: Paris, France
Distribution: RHEL 3
Posts: 17

Rep: Reputation: 0
Question Change default file permissions


Hello all,

I'm wondering why, on linux, default file permissions permit to all users on the machine to read-only other user's files (chmod 755).

For security reasons, I'd like for my users that their files can by default NOT be accessed by other users, whenever they are created by bash, php, or ftp daemon (vsftpd).

How can I achieve this ?

Thanks a lot for your answers.

Ben
 
Old 05-08-2005, 03:08 PM   #2
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,502

Rep: Reputation: 162Reputation: 162
"I'm wondering why, on linux, default file permissions permit to all users on the machine to read-only other user's files (chmod 755)."

The default file permissions are kept in /etc/permissions and/or /etc/permissions.d. How the default permissions are set up is defined by the distribution. Many distributions allow you to specify a security level during install. You can later change the default file permissions by changing /etc/permissions and/or /etc/permissions.d.

--------------------------
Steve Stites
 
Old 05-08-2005, 03:12 PM   #3
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,971
Blog Entries: 11

Rep: Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876
As always, there's several ways of doing this ...

1) edit everyones .bashrc/.bash_profile/.bash_login
(whichever applies) to contain
umask 077 which will grant NO permissions to group
and other.

2) edit /etc/profile to have that umask


Cheers,
Tink
 
Old 05-08-2005, 06:40 PM   #4
bmorel
LQ Newbie
 
Registered: Mar 2005
Location: Paris, France
Distribution: RHEL 3
Posts: 17

Original Poster
Rep: Reputation: 0
jailbait, thanks for your answer, but I think these files are suse-specific, since they don't exist on my distrib (redhat).

tinkster, thanks for help, this will help me, but I've got related questions :

- these files affect only shells, right? the modif did not affect proftpd -which as only one umask config, not per-user config-. For php, I don't know how to do. Isn't there a more "global" way to set this ?
- I found that the script giving default umask is /etc/bashrc. Is it safe to modify this file directly, with the umask you specified above? Or is it safer to leave it unchanged and add another umask in another config file, called after ?

Thanks.
Ben
 
Old 05-08-2005, 07:06 PM   #5
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,971
Blog Entries: 11

Rep: Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876
Yep, filename vary with distro ... I used the one that
Slack utilises since you didn't put your distro in either
the post or your details ...

As long as you don't make syntactical errors on that line,
and don't screw up other parts of the script it's safe ;}

A very good rule would be to make a back-up copy
of any script you are about to modify before you start
editing it.


Cheers,
Tink
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Restore all default file permissions pauliehaha Linux - General 4 05-25-2011 11:56 PM
Default directory and file permissions kodon Slackware 10 08-08-2004 08:27 AM
Is it possible to create default file permissions? Thermodynamic Linux - Software 3 04-09-2004 05:28 PM
umask and default file create permissions Rgamboa Linux - Newbie 5 05-20-2003 11:03 AM
Samba default File Permissions Nelleh Linux - Networking 6 06-06-2002 08:09 AM


All times are GMT -5. The time now is 05:56 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration