Rhl sets umask to cause apache server exceptions on a rhl server in a production environment. According to the suggestions of the 3rd-party security company, one of the following settings is performed: vi/etc/profilevi/etc/csh. loginvi/etc/csh. cshrcvi/etc/bashrc www.2cto.com added umask 027 to the above file. We know the role of umask and set the default initial permissions for creating directories and files for system users. According to the working principle of umask, after this parameter is set, the default permission for the Created directory or file is 777-027 = 750. Note that the last 0 is the permission setting for other, it seems that there is no problem, for security! Www.2cto.com, however, the unfortunate reminder is that there is no comprehensive consideration and a problem occurs on an apache server. The specific phenomenon is that the customer reports cannot view the uploaded image (apache File Server ), because another colleague configured this parameter, but I don't know, I found no problems after logging on to the server and using mkdir and touch several files, the only problem is that the permissions of the new file are different from those of the existing one, that is, the permissions of the other column are missing. Only some files have the r permissions of the other, the time for discovering this problem is still relatively short (within 5 minutes, including the debate with colleagues who configured this parameter in hands-on operations. It's a bit insightful, or else it's too big ), so I immediately asked my colleague to restore the above configuration file, and then restart apache, so that the last file can be browsed normally. For files that have been uploaded but cannot be browsed, execute chmod o + x * in batches *. jpg is also fixed. Now, the cause is as follows: 0. The default permissions for creating new directories and files by the system are modified; 1. Because apache running users are independent nologin users (such as nobody or apache), the focus is on. For security reasons, apache generally does not log in with a normal system account, although the root user is used to start apache, the real internal operation is the nologin user. The root user is of course in the other group, so he has no r permission, therefore, you cannot normally browse the uploaded images. As to why the images can be uploaded, this is because the directory has the x permission. -The End-by gtlions