How can I prevent daemons from creating mode 666 files?

How can I prevent daemons from creating mode 666 files?



Prior to Solaris 8, all daemons inherited the umask 0 from init.
In Solaris 8, the default was changed from 0 to 022, a saner
value. It is now settable in /etc/default/init (CMASK=value).
The old behaviour is most problematic for a service like ftp, which
in a standard configuration leaves all uploaded files with mode 666.


To get daemons to use another umask execute the following
commands in /bin/sh and reboot: 




umask 022  # make sure umask.sh gets created with the proper mode


echo "umask 022" > /etc/init.d/umask.sh


for d in /etc/rc?.d


do


	ln /etc/init.d/umask.sh $d/S00umask.sh


done


Note: the trailing ".sh" of the scriptname is important, if
you don't specify it, the script will will be executed in a
sub-shell, not in the main shell that executes all other scripts.


In Solaris 2.6 and later, in.ftpd(1M) allows setting its umask
in /etc/default/ftpd.




Home
FAQ