9
umask(0);

fd = open("/dev/null", O_RDWR);

Here's man 2 umask:

umask() sets the calling process’s file mode creation mask (umask) to mask & 0777.

But it doesn't make sense for me,as when we call open ,we will also provide a mode parameter.

So what's the point of umask?

cpuer
  • 6,413
  • 13
  • 32
  • 38
  • Possible duplicate of [Why would you use umask?](https://stackoverflow.com/questions/2780301/why-would-you-use-umask) – Ben Leggiero Feb 01 '19 at 22:45

4 Answers4

6

The umask is applied to all modes used in file system operations. From the manual open(2):

The permissions of the created file are (mode & ~umask)

So with a single call to umask, you can influence the mode of all create files.

This is usually used when a program wants the user to allow to overrule the default grants for files/directories it creates. A paranoid user (or root) can set the umask to 0077 which means that even if you specify 0777 in open(2), only the current user will have access.

Aaron Digulla
  • 297,790
  • 101
  • 558
  • 777
  • what if umask is `777`,no one can modify it then? – cpuer Jun 01 '11 at 09:27
  • seems `open` can also be called without the `mode` parameter,`int open(const char *pathname, int flags);`,what will be the permission of created files in that case? – cpuer Jun 01 '11 at 09:35
  • 1
    Yes. Doesn't make a lot of sense but nothing stops you from creating files that you can't access yourself. Actually, I use that to stop programs to create/modify unwanted files and folders with `chmod 0 .configdir` – Aaron Digulla Jun 01 '11 at 09:36
  • re open without mode: That depends on your flavor of Unix. On my Linux, you must specify mode when you use `O_CREAT`. Some Unixes build the mode from the mode of the directory which contains the new file. For details, read the docs. – Aaron Digulla Jun 01 '11 at 09:38
  • So, the `umask(0);` does nothing but reset the umask to its default value? – Fábio Roberto Teodoro Sep 25 '19 at 20:14
  • 1
    @FábioRobertoTeodoro Yeah, you can look at it this way. In my mind, it disables the effect of `umask()`. – Aaron Digulla Sep 27 '19 at 08:23
5

I know this is and old question but here is my two cents:

Permissions of shared memory object

I was trying to make a shared memory object, with:

int shm_open(const char *name, int oflag, mode_t mode);

The resulting shared memory did not have the permission set in mode argument, so I read the shm_open man page which led me to the open function man page and there it says:

mode specifies the permissions to use in case a new file is created. This argument must be supplied when O_CREAT is specified in flags; if O_CREAT is not specified, then mode is ignored. The effective permissions are modified by the process's umask in the usual way: The permissions of the created file are (mode & ~umask). Note that this mode only applies to future accesses of the newly created file

So I tried to modify the umask with:

mode_t umask(mode_t mask);

but it did not work either, so after more google I found this Setting Permission document in gnu.org

Which recommends:

When your program needs to create a file and bypass the umask for its access permissions, the easiest way to do this is to use fchmod after opening the file, rather than changing the umask. In fact, changing the umask is usually done only by shells. They use the umask function.

and with fchmod my function worked as I wanted :) her it is:

int open_signals_shmem(struct signal_shmem **shmem, int size)
{
    int fd, ret;
    void *ptr;

    *shmem = NULL;
    ret = 1;

    fd = shm_open(SIGNALS_SHMEM_NAME, O_RDWR | O_CREAT, S_IRWXU | S_IRWXG | S_IRWXO);
    if (fd == -1)
    {
        printf("error: signals shmem could not be allocated (%s, errno=%d)\n", SIGNALS_SHMEM_NAME, errno);
    }
    else
    {
        // Change permissions of shared memory, so every body can access it
        fchmod(fd, S_IRWXU | S_IRWXG | S_IRWXO);

        if (ftruncate(fd, size) == -1)
        {
            printf("error: signals shmem could not be truncated (%s, errno=%d)\n", SIGNALS_SHMEM_NAME, errno);
        }
        else
        {
            ptr = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
            if (ptr == MAP_FAILED)
            {
                printf("error: signals shmem could not be mapped (%s, errno=%d)\n", SIGNALS_SHMEM_NAME, errno);
            }
            else
            {
                *shmem = ptr;
                ret = 0;
            }
        }
    }
    return ret;
}
q325mg
  • 51
  • 1
  • 2
  • You may only want to call fchmod only on the creation of the shared memory (try to open with RDWR, then check errno for ENOENT, then do O_RDWR|O_CREAT and fchmod), as you cant fchmod another user's shared memory even with 777 permissions. Otherwise if you try to open a shared memory object created by another user you will get a permissions error. – Marc Etcheverry Oct 16 '17 at 14:10
1

Citing this article:

The purpose of the umask is to allow users to influence the permissions given to newly created files and directories. Daemons should not allow themselves to be affected by this setting, because what was appropriate for the user will not necessarily be suitable for the daemon.

In some cases it may be more convenient for the umask to be set to a non-zero value. This is equally acceptable: the important point is that the daemon has taken control of the value, as opposed to merely accepting what it was given.

Blagovest Buyukliev
  • 39,704
  • 12
  • 88
  • 124
  • @Blagovest Buyukliev,I still don't see the purpose of `umask`,isn't it already available in the parameter of `open`? – cpuer Jun 01 '11 at 09:05
  • 1
    The second argument of `open` specifies the mode of opening the file, i.e. which operations will be available on the returned descriptor. `umask`, on the other hand, specifies the filesystem permissions that will be set for each newly created file. – Blagovest Buyukliev Jun 01 '11 at 09:12
  • @Blagovest Buyukliev,isn't that also available out there? `int creat(const char *pathname, mode_t mode);` – cpuer Jun 01 '11 at 09:14
  • `creat` is the old, deprecated way to create a new empty file. It is the same as `open` with the flag `O_CREAT`. – Blagovest Buyukliev Jun 01 '11 at 09:16
  • @Blagovest Buyukliev,I mean,either `creat` or `open` has their parameter for `mode` and `flag`,`umask` still seems useless to me. – cpuer Jun 01 '11 at 09:18
  • Yes, `open` can be used with a `mode` parameter, but `umask` sets the default one so that you don't have to pass it each time. – Blagovest Buyukliev Jun 01 '11 at 09:23
  • @Blagovest Buyukliev,according to @Aaron Digulla's answer,umask doesn't provide a default value,but the final mode is a combination of `mode & ~umask`. – cpuer Jun 01 '11 at 09:30
0

Most Mac developers (and by extension most software testers), from the time they were babies, put this in their .cshrc

umask 002

However, most end users don't know about umask, so if they create a new user on the machine, and run your app, you are likely to create a bunch of log files and whatnot without group read/write permissions. Then they switch users again and suddenly your app doesn't work. For this reason, we're adding this to all our apps. Our rule-of-thumb when it comes to security is that "we want users to be able to use our software".

#import <sys/types.h>
#import <sys/stat.h>
int main(int argc, char *argv[])
{
    // set permissions for newly created files to ug+rwX,o+rX
    umask(0002);
Keith Knauber
  • 734
  • 6
  • 13