The default permission umask of the /etc/bashrc user is 002

Enterprise 2023-12-17 06:00:52 views: null

risk monitoring

Detection type: /etc/bashrc user default permission check
Risk level: medium risk
Configuration recommendations: /etc/bashrc The umask set in the file is 002, which does not meet the requirements. It is recommended to set it to 027

Solution

Find the umask parameter in the /etc/bashrc file and change its original parameter value 002 to 027.

  • Open a terminal.

Open the user's .bashrc file with a text editor (such as nano or vi) and run the following command:

vi /etc/bashrc
  • Change parameters

In the open file, look for any lines containing umask. If there are multiple umask lines, make sure you modify the correct line.

Changes the value of the umask line from 002 to 027 . You can change the value manually or use the find and replace function in a text editor.

  • Save the file and close the text editor

Now when you log back into your terminal session, the user's umask value will change to 027. This will affect the default permission settings for newly created files and directories. Please note that modifying the umask value may have an impact on other users' access to files and directories you create, so make sure you understand the possible impact of your changes.

The difference between umask 002 and 027

The difference between umask 002 and umask 027 is their default permission settings for newly created files and directories.

umask 002The settings are relatively strict. It disables other users' write permissions by default and only retains read permissions. Specifically, for newly created files, umask 002 will set the permissions of other users to read-only, that is, the file owner has read, write, and execute permissions (rwx), while group users and other users only have read permissions (r— x). For the newly created directory, umask 002 will set the permissions of other users to read-only and execute, that is, the directory owner has read, write, and execute permissions (rwx), while the group user and other users only have read and execute permissions (r-x) .

umask 027The settings are relatively loose. It disables other users' write and execution permissions by default, and only retains read permissions. Specifically, for newly created files, umask 027 will set the permissions of other users to read-only, that is, the file owner has read, write, and execute permissions (rwx), while group users and other users only have read permissions (r— x). However, for newly created directories, umask 027 will set the permissions of other users to read-only, that is, the directory owner has read, write, and execute permissions (rwx), while group users and other users only have read permissions (r—x) .

In short, the difference between umask 002 and umask 027 is that they have different default permission settings for newly created directories. Umask 002 is more strict and will disable other users' write permissions and only retain read permissions; while umask 027 is more relaxed and will disable other users' write and execution permissions and only retain read permissions.

Guess you like

Origin blog.csdn.net/no1xium/article/details/134662652
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com