Strange. I’m not sure there is a way to not use umask. With umask=022, the purpose is to set the default permission for newly created files or directories, so only the owner has write permissions. How is that a security flaw? I guess you can always make umask=000, but then you are enabling everyone write permissions as the default and that is a security flaw.
Regards, John > On Mar 25, 2016, at 11:49 PM, William Hermans <yyrk...@gmail.com> wrote: > > I think it should be pretty clear, and if this is not abundantly clear to new > users. *DO NOT USE umask* Period. good bye, the end. > > One should leave the default settings and instead work with the system as > intended. Instead of creating a serious potential security hole. > > On Fri, Mar 25, 2016 at 10:27 PM, John Syne <john3...@gmail.com > <mailto:john3...@gmail.com>> wrote: > Hi Mike, > > The way I think about this is umask turns off permission, which means that > the execute permission is provided by gcc. > > For example: > > MBPR:~ john$ umask > 0022 > MBPR:~ john $ touch test > MBPR:~ john $ ls -la test > -rw-r--r-- 1 john staff 0 Mar 25 22:15 test > MBPR:~ john $ gcc -Wall -o hello hello.c > MBPR:~ john $ ls -la hello > -rwxr-xr-x 1 john staff 8432 Mar 25 22:17 hello > > > As you can see, 022 is turning off “group" write and “other" write > permissions. So normally, touch would provide 0666, but when umask is 022, > permission is anded with the inverse of umask, which provides 0644. So gcc > would create a file with 0777 if umask was 000. > > Regards, > John > > > > >> On Mar 25, 2016, at 5:30 PM, Mike <bellyac...@gmail.com >> <mailto:bellyac...@gmail.com>> wrote: >> >> On 03/25/2016 08:11 PM, William Hermans wrote: >>> Im guessing that perhaps gcc's -o option now days enables the executable >>> bit on the output file ? I haven't looked into that however. >> Nothing at all to do with gcc, reread what I already posted... >> >> Mike >>> >>> On Fri, Mar 25, 2016 at 5:08 PM, William Hermans <yyrk...@gmail.com >>> <mailto:yyrk...@gmail.com>> wrote: >>> No, Mike is absolutely correct. dot's meaning in this context is current >>> directory, and slash is just a path modifier / separator. Putting the file >>> in ones $PATH would solve the "problem" of having to use dot slash I've >>> know this forever, I do not know why I was thinking that chmod +x would >>> solve that "issue", because it wont. >>> >>> I do recall at some point perhaps not too long ago that changing file >>> permissions to executable was required. But now days this does not seem to >>> be the case . . . I've always in the last several years use ./executable >>> until I put the executable into my local path . . . >>> >>> On Fri, Mar 25, 2016 at 2:19 PM, Mike < >>> <mailto:bellyac...@gmail.com>bellyac...@gmail.com >>> <mailto:bellyac...@gmail.com>> wrote: >>> On 03/25/2016 02:03 PM, William Hermans wrote: >>>> No chmod needed *IF* you precede the command with a dot slash "./". So >>>> when you run a regular Linux command do you have to type this dot slash ? >>>> No because chmod +x is run on the executable at some point . . . >>>> >>>> So be nice to fellow group users who actually know what they're talking >>>> about, and have been on this list a lot longer than you. >>> Maybe we need to learn what ./ does... It has absolutely nothing to do >>> with a files permissions or whether it's executable or not. It's use is >>> regarding the lack of the current directory "." in one's PATH variable. >>> Umask is (largely) what controls what permissions a file is created with. >>> >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ls -al >>> total 12 >>> drwxr-xr-x 2 mike mike 4096 Mar 25 17:07 . >>> drwxr-xr-x 37 mike mike 4096 Mar 25 16:46 .. >>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> umask >>> 0022 >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> gcc -Wall >>> -o hello hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ls -l >>> total 12 >>> -rwxr-xr-x 1 mike mike 6696 Mar 25 17:08 hello >>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> hello >>> bash: hello: command not found >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ./hello >>> Hello, world! >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> umask 0137 >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> gcc -Wall >>> -o hello hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ls -l >>> total 12 >>> -rw-r----- 1 mike mike 6696 Mar 25 17:09 hello >>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> hello >>> bash: hello: command not found >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ./hello >>> bash: ./hello: Permission denied >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ls -l >>> total 12 >>> -rw-r----- 1 mike mike 6696 Mar 25 17:09 hello >>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> chmod 0750 >>> hello >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ls -l >>> total 12 >>> -rwxr-x--- 1 mike mike 6696 Mar 25 17:09 hello >>> -rw-r--r-- 1 mike mike 78 Mar 25 16:47 hello.c >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> ./hello >>> Hello, world! >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> umask 022 >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> umask >>> 0022 >>> mike@pride-n-joy:~/test.d$ <mailto:mike@pride-n-joy:%7E/test.d$> >>> >>> Mike >>>> >>>> On Fri, Mar 25, 2016 at 8:53 AM, Dieter Wirz < >>>> <mailto:didi.w...@gmail.com>didi.w...@gmail.com >>>> <mailto:didi.w...@gmail.com>> wrote: >>>> On Fri, Mar 25, 2016 at 3:57 PM, Graham Haddock < >>>> <mailto:gra...@flexradio.com>gra...@flexradio.com >>>> <mailto:gra...@flexradio.com>> wrote: >>>> > Yes. >>>> > sudo chmod 755 myprogram >>>> > or >>>> > sudo chmod 755 myprogram.o >>>> > >>>> Graham, please do not tell fairy tails on this list! >>>> >>>> $ echo '#include <stdio.h>' > hello.c >>>> $ echo 'int main (void) { printf ("Hello, world!\n"); return 0; }' >> >>>> hello.c >>>> $ cat hello.c >>>> #include <stdio.h> >>>> int main (void) { printf ("Hello, world!\n"); return 0; } >>>> $ gcc -Wall -o hello hello.c >>>> $ ./hello >>>> Hello, world! >>>> $ ls -l >>>> total 12 >>>> -rwxrwxr-x 1 dw dw 7332 Mar 25 16:32 hello >>>> -rw-rw-r-- 1 dw dw 80 Mar 25 16:31 hello.c >>>> $ >>>> >>>> No chmod needed, no myprogram.o there, why the sudo???? >>> >>> -- >>> For more options, visit >>> <http://beagleboard.org/discuss>http://beagleboard.org/discuss >>> <http://beagleboard.org/discuss> >>> --- >>> You received this message because you are subscribed to the Google Groups >>> "BeagleBoard" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to >>> <mailto:beagleboard+unsubscr...@googlegroups.com>beagleboard+unsubscr...@googlegroups.com >>> <mailto:beagleboard+unsubscr...@googlegroups.com>. >>> For more options, visit >>> <https://groups.google.com/d/optout>https://groups.google.com/d/optout >>> <https://groups.google.com/d/optout>. >>> >>> >>> -- >>> For more options, visit http://beagleboard.org/discuss >>> <http://beagleboard.org/discuss> >>> --- >>> You received this message because you are subscribed to the Google Groups >>> "BeagleBoard" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to beagleboard+unsubscr...@googlegroups.com >>> <mailto:beagleboard+unsubscr...@googlegroups.com>. >>> For more options, visit https://groups.google.com/d/optout >>> <https://groups.google.com/d/optout>. >> >> >> -- >> For more options, visit http://beagleboard.org/discuss >> <http://beagleboard.org/discuss> >> --- >> You received this message because you are subscribed to the Google Groups >> "BeagleBoard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to beagleboard+unsubscr...@googlegroups.com >> <mailto:beagleboard+unsubscr...@googlegroups.com>. >> For more options, visit https://groups.google.com/d/optout >> <https://groups.google.com/d/optout>. > > > -- > For more options, visit http://beagleboard.org/discuss > <http://beagleboard.org/discuss> > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to beagleboard+unsubscr...@googlegroups.com > <mailto:beagleboard+unsubscr...@googlegroups.com>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. > > > -- > For more options, visit http://beagleboard.org/discuss > <http://beagleboard.org/discuss> > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to beagleboard+unsubscr...@googlegroups.com > <mailto:beagleboard+unsubscr...@googlegroups.com>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to beagleboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
