From owner-freebsd-security Sat Feb 19 9:39:56 2000 Delivered-To: freebsd-security@freebsd.org Received: from relay.rtsnet.ru (bravo.rtsnet.ru [194.247.132.8]) by hub.freebsd.org (Postfix) with ESMTP id 08B8137BC01 for ; Sat, 19 Feb 2000 09:39:51 -0800 (PST) (envelope-from igor@rtsnet.ru) Received: from shogun.rtsnet.ru (shogun.rtsnet.ru [172.16.4.32]) by relay.rtsnet.ru (Postfix) with ESMTP id DAEBE198C03; Sat, 19 Feb 2000 20:39:52 +0300 (MSK) Received: (from igor@localhost) by shogun.rtsnet.ru (8.9.3/8.9.3/Zynaps) id UAA00933; Sat, 19 Feb 2000 20:39:50 +0300 (MSK) Date: Sat, 19 Feb 2000 20:39:50 +0300 From: Igor Vinokurov To: Sheldon Hearn Cc: freebsd-security@FreeBSD.ORG Subject: Re: pw && umask Message-ID: <20000219203950.A884@shogun.rtsnet.ru> References: <20000219200142.A605@shogun.rtsnet.ru> <90578.950981457@axl.noc.iafrica.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.6i In-Reply-To: <90578.950981457@axl.noc.iafrica.com>; from Sheldon Hearn on Sat, Feb 19, 2000 at 07:30:57PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, Feb 19, 2000 at 19:30 +0200, Sheldon Hearn wrote: > > On Sat, 19 Feb 2000 20:01:42 +0300, Igor Vinokurov wrote: > > > We use pw for automatic registration of new users in the system. > > For security reasons we use 072 as umask for all users. Unfortunately, > > pw creates a user home directory with the umask which was for the one > > who has started pw. > > > > How to solve this problem? > > How about setting the umask(2) before running pw(8) by using the umask(1) > builtin command of the shell? Both the csh(1) and sh(1) shells supplied > with FreeBSD provide a umask(1) builtin command. I have tried this way before asking :) [shell:~]:1015# umask 072 [shell:~]:1016# pw user add -n test -m [shell:~]:1017# ls -lad ~test drwxr-xr-x 3 test user 512 Feb 19 20:34 /usr/home/test [shell:~]:1018# umask 072 [shell:~]:1019# As you can see mode of the new directory 0755, should be 0705. -- Igor Vinokurov To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message