default umask rationale

aside from the principle of least privilege, what other reasons are there for having a default umask of 022 in the default login class?

on many linux distribution, it is 022 because the default group is `users'. however, on openbsd the default behavior is for users to get their own private group.

and so given the purpose of groups in general, that is to share work under certain directories, and given the bsd behavior of group inheritance in the filesystem, wouldn't it make more sense, or at least wouldn't it be an easy patch, to have a umask of 002?

i have many users who share web development work, and use things like scp to copy files. however, changing their umask upon transfers it a little cumbersome and error prone if even feasible, and causes all sorts of headaches. and so i'm deliberating whether to change the default umask to 002. am i missing some other issues that might arise?

/home: no issues
/tmp: no issues
/var/mail: no issues

i can't think of any other problem areas, nor could i find similar threads elsewhere for reference.

tia,

Bill Received on Mon Jun 30 16:10:22 2003

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related openbsd.org Links advocacy announce bugs ipv6 misc ports ports-changes security-announce smp source-changes tech Request more information about Pantek