Smarter default umask, use 002 on systems that support UPG

This commit is contained in:
Danielle McLean 2016-10-17 19:50:29 +11:00
parent 8380453058
commit 38eb2c7b6f
No known key found for this signature in database
GPG key ID: CC91589719027E94

View file

@ -1,2 +1,14 @@
#! zsh #! zsh
(( $(umask) == 0 )) && umask 022 # umask should *never* be zero. If it is, set it to something safer.
if (( $(umask) == 0 )); then
# Test whether the system uses User Private Groups - if it does, my primary
# group will have the same name as my user. Basic info on UPG can be found
# here: https://security.ias.edu/how-and-why-user-private-groups-unix
if [[ $(id -un) = $(id -gn) ]]; then
# 002 is a safe umask if the system has UPG.
umask 002
else
# 022 is a safe umask if the system does not have UPG.
umask 022
fi
fi