Home / ubuntu / Questions / 1041668
Accepted
user639188
Asked: 2018-05-30 10:10:29 +0800 CST

Is setting umask to 000 dangerous

  • 772

I know that setting umask to 000 causes potential security issues. I don't care. I only want to know if something bad happens if I do it as root (sudo umask 000), or in /etc/init.d/rc script. By something bad, I mean breaking packages or essential parts of the system.

umask

1 Answers

  1. Best Answer

    sudo umask 0000 will fail because umask isn’t a program. It’s a shell built-in command that affects the current shell session. No sudo is needed or allowed, though sudo commands (and other user switching) don’t inherit the current umask. To set sudo to use a certain umask, another answer gives the solution (I modified it to use 0000 instead):

    For the sudo permissions, I executed sudo visudo and added the line Defaults umask = 0000 to the end.

    Since the default Ubuntu umask is 0002 (except 0022 for root), setting it to 0000 will merely no longer block an application from giving write permission to everyone other than the file’s owner or group when creating a new file. The application then doesn’t have to give write permission to others when creating a file, but now it can.

    It’s not recommended to set this globally for security reasons (perhaps in ~/.bashrc instead), but it’s not likely to cause issues other than bad security when badly-written applications don’t set the permissions properly when creating files.

    • 5