From 39679232f7a6ebfcd5d9a410b26cf0e3c7cabe00 Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Sun, 12 Jan 2025 11:55:59 +0800 Subject: [PATCH] Move the explanation of umask 022 from settingenviron to aboutlfs Explain it once we use it. Also fix an error in the text (we don't make files executable, we only make directories searchable). --- chapter02/aboutlfs.xml | 10 ++++++++++ chapter04/settingenviron.xml | 7 ++----- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/chapter02/aboutlfs.xml b/chapter02/aboutlfs.xml index 158f8f3a5..f46d4e3ba 100644 --- a/chapter02/aboutlfs.xml +++ b/chapter02/aboutlfs.xml @@ -33,6 +33,16 @@ default: umask 022 + + Setting the umask to 022 ensures that newly created files and + directories are only writable by their owner, but are readable and + searchable (only for directories) by anyone (assuming default modes are + used by the open(2) system + call, new files will end up with permission mode 644 and directories with + mode 755). An over-permissive default can leave security holes in the + LFS system, and an over-restrictive default can cause strange issues + building or using the LFS system. + Do not forget to check that LFS is set and the umask is set to 022 whenever diff --git a/chapter04/settingenviron.xml b/chapter04/settingenviron.xml index b179bb0b3..564e29d84 100644 --- a/chapter04/settingenviron.xml +++ b/chapter04/settingenviron.xml @@ -76,11 +76,8 @@ EOF umask 022 - Setting the user file-creation mask (umask) to 022 ensures that newly - created files and directories are only writable by their owner, but are - readable and executable by anyone (assuming default modes are used by the - open(2) system call, new files - will end up with permission mode 644 and directories with mode 755). + Setting the umask as we've already explained in +