[texhax] Aha Moment; umask

Herbert Schulz herbs at wideopenwest.com
Fri Jul 12 16:49:30 CEST 2013

On Jul 12, 2013, at 9:35 AM, Thomas Schneider <schneidt at mail.nih.gov> wrote:

> I found that in my shell start up script I have:
> umask 077
> That means that when I create files, I have rwx permissions and nobody
> else can read, write or execute them.  That is, my files are private:
> drwx------.  I think this is a reasonable security precaution.
> When I installed TexLive 2013, sudo inherited the 077 mask from my
> environment.  Subtracting this from 777 gives 700, which is the
> drwx------ permissions observed.  I have confirmed this by creating
> some directories and files using sudo with different umask settings
> set while not being sudo.
> As I've said, I think that /usr/local ought to stay owned by root for
> security purposes.  The permissions should allow root to read, write
> and execute and others should only be able to read and execute.  That
> is, drwxr-xr-x or 755.  Subtracting this from 777 gives 022.
> So I currently suggest that you add to the beginning of install
> scripts:
>  umask 022
> Corrections to this are welcome!
> Tom


That actually makes me feel better! At least we know that the problem isn't widespread.

I suggest that next year we simply have a script for Part 1 that allows the user to choose between letter and a4 paper default, sets `umask 022` as suggested by Thomas, and then chooses the correct install procedure for the given default paper type. That way we just ask folks to run a single script and answer one question. It would even be better is it was all wrapped in a gui app that displayed a console window so the user could follow along and see that something was happening.

Good Luck,

Herb Schulz
(herbs at wideopenwest dot com)

More information about the texhax mailing list