Today found that the permissions to create files and their own prescribed permissions are not consistent, understand the issue of the permissions mask, summarized here.
First, the permission mask umask is chmod matching, a total of 4 bits (Gid/uid, owner, group rights, other users of the rights), but usually we only use the latter 3, the first is a special permission bit, temporarily did not understand. For example chmod 0777 file on behalf of the file to set the owner, group users, other users are rwx, rwx, rwx permissions.
Under my ubuntu15.04, umask default is 0002, can be viewed with the umask command, plus the parameter-s will be more understandable:
The mask, as the name implies, is used to cover up some bit, these bits are here to represent the permissions, such as from the above figure we can see 0002 is to cover up the other user's W permission (O=RX), because 2 in binary is 010, we create the file permissions stipulated in the file permission * * * is to have a bitwise phase with the mask's inverse code, so that a bit can be masked out. For example, when you create a file, you specify 0666, then 0666 & ~0002 = 0664, and the resulting file permissions are Rw-rw-r--。
In addition, Linux (without the permission mask umask) specifies that the default permissions for a file are 0666 (removing the Execute permission x can reduce a very large number of attacks, because many of the virus files if created without the execution of permissions, it loses meaning), the default permissions of the directory is 0777. So, if we create a new file, the file permissions and the permission mask umask bitwise phase, that is 0666 & ~0002 = 0664 (on my Computer), the last 0664 (rw-rw-r--) is the true permissions of the file, similarly, create a directory (0777 & ~0002 = 0775, or rwxrwxr-x) is the same:
We can use the umask command to change the value of the permission mask, the corresponding, we create the file will also have to and umask bitwise, will conspicuous the corresponding partial permissions:
Accordingly, C also has a umask function, we can also see and change the value of Umask with C, but the only change is to call Umask () the value of the process of the function , that is, the rest of the Umask value is not changed, we can use the shell command umask to see, You will find that Umask is still the original value, so the umask called in the C language will only change the umask of the calling process. To see the man help manual it is known that the forked child process also inherits the umask of the parent process, that is, if the parent process modifies the permission mask to 0001, then the resulting child process will remain with the parent process for the permission mask 0001 instead of the system 0002 or 0022.
When we use the C language open (Linux system function) to create a new file (that is, the second parameter specifies o_creat), we must indicate the third parameter's permissions, the default permissions are not the default Linux 0666, So I don't know what to do if I don't specify it (it feels different every time I create it.) )。 Therefore, for the sake of insurance, when we use open to create a file, according to their own needs (not in accordance with the Linux default 0666) to specify the creation of the file permissions, and after the establishment of this permission, and the current process of the permission mask bitwise AND, in order to get the final file permissions.
O_creat
If The file exists, this flag has no effect except as noted under O_EXCL below. Otherwise, the file is created; The user ID of the file is set to the effective user ID of the process; The group ID of the file is set to the group ID of the the file's parent directory or to the effective group ID of the Proces S and the access permission bits (see <sys/stat.h>) of the file mode is set to the value of the third argument taken As type mode_t modified as Follows:aBitwise-andis performed onThe file-mode bitsandThe corresponding bits in the complement of the process ' file mode creation mask. Thus, all bits in the file mode whose corresponding bit in the file mode creation mask is set is cleared. When Bits and other than the file permission bits was set, the effect is unspecified. The third argument does not affect whether the file was open for reading, writing or for both.
File permission issues for files created under Linux