124

ÂThe following file (-) displays read, write, and executable permissions for owner (rwx), but no permissions for group (---) or others (---):

-rwx------

ÂThe following file (-) displays read and write, but no executable permissions for owner (rw-), group (rw-), and others (rw-):

-rw-rw-rw-

ÂThe following file (-) displays read, write, and executable permissions for owner (rwx), but only read and executable for group (r-x) and others (r-x):

-rwxr-xr-x

ÂThe following file (-) displays read, write, and executable permissions for owner (rwx), but only read for group (r--) and others (r--):

-rwxr--r--

See the ls man page for more information about viewing permissions.

Setting the umask for Individual Users

The global umask setting determines the permissions of new files and folders created by a local user.

$ sudo defaults write -g NSUmask -int value

Use one of the following values to set the permission level:

Value

Permission Level

63 (octal equivalent 077)

Only the user can read newly created files.

 

 

23 (octal equivalent 027)

User and members of the user’s default group can read newly

 

created files.

 

 

18 (octal equivalent 022)

All users can read newly created files.

 

 

The default umask setting, 022, removes group and world write permissions, but allows group and world read permissions. With a umask setting of 027, files and folders created by a user will not be readable by every other user on the computer, but will still be readable by members of his assigned group. The owner of the file or folder can still make it accessible to others by changing the permissions in the Finder’s Get Info window or by using the chmod tool.

To set the NSUmask settings for all local users to octal 027 (decimal equivalent 23):

$ sudo defaults write /Library/Preferences/.GlobalPreferences NSUmask 23

Note: The path above refers to the .GlobalPreferences defaults domain, not to the file

.GlobalPreferences.plist, which might accidentally be filled in while using the shell autocomplete feature.

Chapter 8 Working with Users and Groups

Page 124
Image 124
Apple Mac OS X Server Setting the umask for Individual Users, Use one of the following values to set the permission level