- umask
Sets the umask for the process to EXPR and returns the previous value. If EXPR is omitted, merely returns the current umask.
The Unix permission
rwxr-x---
is represented as three sets of three bits, or three octal digits:0750
(the leading 0 indicates octal and isn't one of the digits). Theumask
value is such a number representing disabled permissions bits. The permission (or "mode") values you passmkdir
orsysopen
are modified by your umask, so even if you tellsysopen
to create a file with permissions0777
, if your umask is0022
then the file will actually be created with permissions0755
. If yourumask
were0027
(group can't write; others can't read, write, or execute), then passingsysopen
0666
would create a file with mode0640
(0666 &~ 027
is0640
).Here's some advice: supply a creation mode of
0666
for regular files (insysopen
) and one of0777
for directories (inmkdir
) and executable files. This gives users the freedom of choice: if they want protected files, they might choose process umasks of022
,027
, or even the particularly antisocial mask of077
. Programs should rarely if ever make policy decisions better left to the user. The exception to this is when writing files that should be kept private: mail files, web browser cookies, .rhosts files, and so on.If umask(2) is not implemented on your system and you are trying to restrict access for yourself (i.e., (EXPR & 0700) > 0), produces a fatal error at run time. If umask(2) is not implemented and you are not trying to restrict access for yourself, returns
undef
.Remember that a umask is a number, usually given in octal; it is not a string of octal digits. See also "oct", if all you have is a string.