umask

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computing, umask is a command that determines the settings of a mask that controls how file permissions are set for newly created files. It also may refer to a function that sets the mask, or it may refer to the mask itself, which is formally known as the file mode creation mask. The mask is a grouping of bits, each of which helps control how its corresponding permission is set for newly created files. The bits in the mask may be changed by invoking the umask command.

In UNIX, each file has a set of attributes which control who can read or change the file. Those attributes, called file permissions can be changed by users and programs. When a program creates a file, it requests that the file permissions be set to an initial setting. The mask helps determine what that initial file permission setting is. The bits of the mask are applied whenever a file is created. If the mask has a bit set to "1", that means the corresponding initial file permission will always be disabled whenever programs create new files. A bit set to "0" in the mask means that the corresponding permission will be determined by the program and the system when new files are created. In other words, the mask acts as a last-stage filter that strips away permissions as a file is created; each bit that is set to a "1" strips away its corresponding permission for the file as the file is created.

Each program (technically called a process) has its own mask, which is applied whenever that process creates a new file. Each process is able to change the settings of its own mask using a function call. When the process is a shell, the mask is set with the umask command. When a shell, or any other process, launches a new process, the child process inherits the mask from its parent process. The mask does not work retroactively, that is, changes made to the mask only affect new files created after the changes are made. Generally, the mask only affects file permissions during the creation of new files and has no effect when file permissions are changed in existing files, however, in some specific cases it can help determine permissions when file permissions are changed in existing files using the chmod command.

The mask is stored as a group of bits. It may be represented as binary, octal, or symbolic notation. The umask command allows the mask to be represented as octal (e.g., 0754) and symbolic (e.g., u=wrx,g=rx,o=r) notation, the same notation that is used by the chmod command. (see octal and symbolic notation below for details).

The umask command is used with Unix-like operating systems and the umask function is defined in the POSIX.1 specification.

History[edit]

The mask, the umask command, and the umask function were not part of the original implementation of UNIX. The operating system evolved in a relatively small computer center environment where security was not an issue. It eventually grew to serve hundreds of users from different organizations. At first, developers made creation modes for key files more restrictive, especially for cases of actual security breaches, but this was not a general solution. The mask and the umask command were introduced around 1978 between the sixth edition and the eighth edition of the operating system, so it could allow sites, groups, and individuals to choose their own defaults.[1] The mask has since been implemented in most, if not all, of the contemporary implementations of UNIX-like operating systems.

Shell command[edit]

In a shell, the mask is set by using the umask command. The syntax of the command is:[2]

umask [-S ] [maskdefinition]

(the items within the [brackets] are optional)

Displaying the current mask[edit]

If the umask command is invoked without any arguments, it will display the current mask. The output will be in either octal or symbolic notation depending on the operating system used,[3] however, invoking umask with the -S argument (i.e., umask -S) will force it to display the current mask in symbolic notation. For example:

$ umask         # display current value (as octal)
0022
$ umask -S      # display current value symbolically
u=rwx,g=rx,o=rx

Setting the mask using octal notation[edit]

If the umask command is invoked with an octal argument, it will directly set the bits of the mask to that argument:

$ umask 0077        # set the mask to 0077
$ umask             # display the mask (in octal)
0077
$ umask -S          # display the mask symbolically
u=rwx,g=,o=

If fewer than 4 digits are entered, leading zeros are assumed. An error will result if the argument is not a valid octal number (or symbolic argument — see below) or if it has more than 4 digits.[4]

Octal codes used in the command[edit]

Octal digit in
umask command
Permissions that the mask will
prohibit from being set during file creation
0 any permission may be set
1 setting of execute permission is prohibited
2 setting of write permission is prohibited
3 setting of write and execute permission is prohibited
4 setting of read permission is prohibited
5 setting of read and execute permission is prohibited
6 setting of read and write permission is prohibited
7 all permissions are prohibited from being set

Setting the mask using symbolic notation[edit]

If the umask command is invoked with an argument using symbolic notation, it will add to, subtract from, or directly set the bits of the mask as directed by the [maskdefinition] argument of the umask command. The sybolic notation is composed of permission-symbols, user-class-letters, and operators.

The syntax of the [maskdefinition] in the umask command looks like this:

umask [user-class-letters] operator permission-symbols[,]...

There are no spaces allowed between the arguments. The only space is between the umask command itself and the arguments.

The permission-symbols indicate which file permission settings are to be allowed or prohibited by the mask when files are subsequently created. There are three basic file permission modes which correspond to the basic permissions. They are r (read), w (write), and x (execute). The more esoteric symbols are X (special execute), s (setuid/guid), t (stiky bit). (See File permissions for more details.)

Symbol Name Description
r read read a file or list a directory's contents
w write write to a file or directory
x execute execute a file or recurse a directory tree
X special execute which is not a permission in itself but rather can be used instead of x. It allows the application of execute permissions to directories regardless of their current permissions and allows the application of execute permissions to a file which already has at least 1 execute permission bit already set (either user, group or other). It is only really useful when used with '+' d
s setuid/gid See File permissions for details.
t sticky See File permissions for details.

The permissions of a file are applied to three different classes of users: the user (the file's owner), the group, and others. (See File permissions for details.) Those user classes are represented by one or more of the following letters:

Letter Class Description
u user the owner of the file
g group users who are members of the file's group
o others users who are not the owner of the file or members of the group
a all all three of the above, it is the same as ugo. (This is the default if no class is specified in the umask command.)

The umask command uses an operator to specify how the permission modes of the mask should be adjusted. The following operators are accepted:

Operator How the command effects the mask
+ Changes the mask so that during subsequent file creation, the mask will allow the specified file permissions to be enabled for the specified user classes; (permissions that are not specified are unchanged in the mask)
- Changes the mask so that during subsequent file creation, the mask will prohibit the specified file permissions from being enabled for the specified user classes; (permissions that are not specified are unchanged in the mask)
= Changes the mask so that during subsequent file creation, the mask will allow the specified file permissions to be enabled for the specified user classes; permissions not specified will be prohibited by the mask during file creation

For example:

umask u+w

This would set the mask so that it would, when files are subsequently created, allow write permission to be enabled for the user (file owner). The rest of the bits in the mask would be unchanged.

Multiple changes can be specified by separating multiple sets of symbolic notation with commas. (Spaces are not allowed within the arguments.) For example:

umask u-x,g=r,o+w

This would set the mask so that it would, when subsequent files are created:

  1. prohibit the execute permission from being set for the file's owner (user), while leaving the rest of the owner bits in the mask unchanged;
  2. allow the read permission to be enabled for the group, while prohibiting write and execute permission for the group;
  3. allow the write permission to be enabled for others, while leaving the rest of the other bits in the mask unchanged.

Command line examples[edit]

Here are more examples of using the umask command to change the mask.

umask command issued How the mask will effect permissions of subsequently created files/directories
umask a+r allows read permission to be enabled for all user classes; the rest of the mask bits are unchanged
umask a-x prohibits enabling execute permission for all user classes; the rest of the mask bits are unchanged
umask a+rw allows read or write permission to be enabled for all user classes; the rest of the mask bits are unchanged
umask +rwx allows read, write or execute permission to be enabled for all user classes; (Note: On some UNIX platforms, this will restore the mask to a default.)
umask u=rw,go= allow read and write permission to be enabled for the owner, while prohibiting execute permission from being enabled for the owner; prohibit enabling any permissions for the group and others
umask u+w,go-w allow write permission to be enabled for the owner; prohibit write permission from being enabled for the group and others;
umask -S display the current umask in symbolic notation
umask 777 disallow read, write, and execute permission for all (probably not useful bacause even owner cannot read files created with this mask!)
umask 000 allow read, write, and execute permission for all (potential security risk)
umask 077 allow read, write, and execute permission for the file's owner, but prohibit read, write, and execute permission for everyone else
umask 113 allow read or write permission to be enabled for the owner and the group, but not execute permission; allow read permission to be enabled for others, but not write or execute permission
umask 0755 equivalent to u-rwx (4+2+1),go=w (4+1 & 4+1). (The 0 specifies that special modes may be enabled if allowed by the OS.)

Function call[edit]

The mask may be set using a function call. The GNU functions are declared in sys/stat.h. The function is:[5]

mode_t umask (mode_t mask)

The umask function will set the mask of the current process to mask, and return the previous value of the mask.

Here is an example from GNU.org which shows how to read the mask without changing it permanently:

mode_t
read_umask (void) {
    mode_t mask = umask (0);
    umask (mask);
    return mask;
}

However, on GNU/Hurd systems it is better to use the getumask function if reading the mask value is the only requirement, because it is reentrant.

mode_t getumask (void)

Returns the current value of the mask for the current process. (Note: The getumask function is a GNU extension and is only available on GNU/Hurd systems.

Mask effect[edit]

The mask is applied whenever a file is created. If the mask has a bit set to "1", that means the corresponding file permission will always be disabled when files are subsequently created. A bit set to "0" in the mask means that the corresponding permission will be determined by the requesting process and the OS when files are subsequently created. In other words, the mask acts as a last-stage filter that strips away permissions as a file is created; each bit that is set to a "1" strips away that corresponding permission for the file.

Truth table[edit]

Here is the truth table for the masking logic. Each bit in the requesting process' file permission mode is operated on by the mask using this logic to yield the permission mode that is applied to the file as it is created. (p is a bit in the requested file permission mode of a process that is creating a file; q is a bit in the mask; r is the resulting bit in the created file's permission mode)

p q r
T T F
T F T
F T F
F F F

How the mask is applied[edit]

Programmatically, the mask is applied by the OS by first negating (complementing) the mask, and then performing a logical AND with the requested file mode. In the [probably] first UNIX manual to describe its function,[1] the manual says,

"the actual mode... of the newly-created file is the logical and of the given mode and the complement of the argument. Only the low-order 9 bits of the mask (the protection bits) participate. In other words, the mask shows [indicates] the bits to be turned off when files are created."

—UNIX Eighth Edition Manual, Bell Labs UNIX (manual), AT&T Laboratories
This shows how octal in the umask command appears in the mask and eventually affects a program's request for creating a file with, e.g., full (r, w, x) permissions.
Octal digit in
 umask command 
 Binary in 
the mask
 Negation 
of mask
Logical AND
 with "rwx" request[6] 
0 000 111 rwx
1 001 110 rw-
2 010 101 r-x
3 011 100 r--
4 100 011 -wx
5 101 010 -w-
6 110 001 --x
7 111 000 ---

Logic[edit]

The mask is applied using boolean logic known as material nonimplication or abjunction. It is represented in logic notation as:

C: (P&(~Q))

This says that the file's permission mode (C) is a result of a logical AND operation between the negation of the mask (Q), and the process' requested permission mode setting (P).

Exceptions[edit]

Note: Many operating systems do not allow a file to be created with execute permissions. In these environments, newly created files will always have execute permission disabled for all users.

The mask is generally only applied to functions that create a new file, however, there are exceptions. For example, when using UNIX and GNU versions of chmod to set the permissions of a file, and symbolic notation is used, and no user is specified, then the mask is applied to the requested permissions before they are applied to the file. For example:

$ umask 0000
$ chmod +rwx filename
$ ls -l filename
-rwxrwxrwx filename
$ umask 0022
$ chmod +rwx filename
$ ls -l filename
-rwxr-xr-x filename

Processes[edit]

Each process has its own mask, which is applied whenever the process creates a new file. When a shell, or any other process, spawns a new process, the child process inherits the mask from its parent process.[7] When the process is a shell, the mask is changed by the umask command. As with other processes, any process launched from the shell inherits that shell's mask.

Mount option[edit]

In the Linux kernel, the fat, hfs, hpfs, ntfs, and udf file system drivers support a umask mount option, which controls how the disk information is mapped to permissions. This is not the same as the per-process umask described above, although the permissions are calculated in a similar way. Some of these file system drivers also support separate umasks for files and directories, using mount options such as fmask.

See also[edit]

References[edit]

  1. ^ a b "UNIX 8th Edition Manual, Bell Labs UNIX". Manual. AT&T Laboratories. Retrieved 2013-01-14. 
  2. ^ "AST UNIX MANUAL:umask(1)". Manual. AT&T Laboratories. Retrieved 2013-01-14. 
  3. ^ "umask", The Single UNIX Specification, Version 2: (manual), The Open Group, 1997, retrieved 2013-01-14 
  4. ^ Note: Some programming languages require a prefix symbol in front of octal notation such as the digit 0, or the letters o or q. The umask command does not use this type of prefix notation -- only the octal digits are used.
  5. ^ "14.9.7 Assigning File Permissions", The GNU C Library for glibc 2.17 (manual), Free Software Foundation, Inc., 3 January 2013, retrieved 2013-01-14 
  6. ^ Note: Operating systems usually will also strip off execute permissions on newly created files.
  7. ^ "umask(2)", Linux Programmer's Manual release 3.32 (manual), Linux man-pages project, 9 January 2008, retrieved 2013-01-01