If your main concern is securing a file, there is an easier way - set the sticky, setgid, and setuid bits on the directory. While this doesn't insure that the files have the exact same permissions, it does insure that (a) all files created in the directory will have the same group and owner as the directory (b) the files cannot be renamed or deleted except by the owner, i.e. the directory owner. This should go a long way to securing the files and avoiding race conditions while you clean up the permissions - especially if the user owning the directory is controlled by your script.
To setup the directory, add 7000 to the normal three digit permissions. (1000=sticky bit, 2000=setgid, 4000=setuid).
Another alternative you might want to consider is the *nix install command. This does a better job of letting you create a file with specific permissions whilst avoiding race conditions that might jeopardize security
For more information, see
Best of luck, beth
P.S. I'm assuming, of course, that you are working on a *nix system. These commands only work on the *nixes. (WinDos has its own funky logic for permissions and inheritance).
In reply to Re: mkdir with variable mask
by ELISHEVA
in thread mkdir with variable mask
by kreetrapper
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |