I'm diving into Linux system administration and I'm curious about umask (user mask). What's the reasoning behind it? I get that it relates to default permissions, but I'm confused about the subtractive aspect. Why don't processes just set default permissions directly based on the file type (like directories or regular files) instead of subtracting from base permissions? It feels like a roundabout way to handle this, especially since we have global base permissions. Why not just adjust base permissions depending on the specific process instead?
1 Answer
Don't think of umask simply as subtracting from a number. It's more about setting specific bits to zero, which represent permissions. When you set a umask, you're masking those bits, meaning if you don't want a process to have certain permissions (like 'other' bits), you can just mask those out. It simplifies things—no need to calculate new permissions; just mask what you need, and you're set!
Got it! So umask is just about turning specific bits off. But if I start with base permissions of 6 (read + write) and use a umask of 2, I end up with permissions of 4 (just read). But what if I started with base permissions of 5 (read + execute) and used a umask of 2? Then I'd get 3 (write + execute), right? Am I missing something there?