Smarter default umask, use 002 on systems that support UPG
This commit is contained in:
parent
8380453058
commit
38eb2c7b6f
1 changed files with 13 additions and 1 deletions
|
@ -1,2 +1,14 @@
|
||||||
#! zsh
|
#! zsh
|
||||||
(( $(umask) == 0 )) && umask 022
|
# umask should *never* be zero. If it is, set it to something safer.
|
||||||
|
if (( $(umask) == 0 )); then
|
||||||
|
# Test whether the system uses User Private Groups - if it does, my primary
|
||||||
|
# group will have the same name as my user. Basic info on UPG can be found
|
||||||
|
# here: https://security.ias.edu/how-and-why-user-private-groups-unix
|
||||||
|
if [[ $(id -un) = $(id -gn) ]]; then
|
||||||
|
# 002 is a safe umask if the system has UPG.
|
||||||
|
umask 002
|
||||||
|
else
|
||||||
|
# 022 is a safe umask if the system does not have UPG.
|
||||||
|
umask 022
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
Loading…
Reference in a new issue