Umask

umask
Original author(s)	AT&T Bell Laboratories
Developer(s)	Various open-source and commercial developers
Initial release	1978;46 years ago
Operating system	Unix and Unix-like
Platform	Cross-platform
Type	Command

Last updated June 23, 2024

In computing, umask is a command that determines the settings of a mask that controls how file permissions are set for newly created files. It may also affect how the file permissions are changed explicitly. umask is also a function that sets the mask, or it may refer to the mask itself, which is formally known as the file mode creation mask. The mask is a grouping of bits, each of which restricts how its corresponding permission is set for newly created files. The bits in the mask may be changed by invoking the umask command.

Overview

In Unix-like systems, each file has a set of attributes that control who can read, write or execute it. When a program creates a file, the file permissions are restricted by the mask. If the mask has a bit set to "1", then the corresponding initial file permission will be disabled. A bit set to "0" in the mask means that the corresponding permission will be determined by the program and the file system. In other words, the mask acts as a last-stage filter that strips away permissions as a file is created; each bit that is set to a "1" strips away its corresponding permission. Permissions may be changed later by users and programs using chmod .

Each program (technically called a process) has its own mask and is able to change its settings using a function call. When the process is a shell, the mask is set with the umask command. When a shell or process launches a new process, the child process inherits the mask from its parent process. Generally, the mask only affects file permissions during the creation of new files and has no effect when file permissions are changed in existing files; however, the chmod command will check the mask when the mode options are specified using symbolic mode and a reference to a class of users is not specified.

The mask is stored as a group of bits. It may be represented as binary, octal or symbolic notation. The umask command allows the mask to be set as octal (e.g. 0754) or symbolic (e.g. u=,g=w,o=wx) notation.

The umask command is used with Unix-like operating systems, and the umask function is defined in the POSIX.1 specification.

History

The mask, the umask command and the umask function were not part of the original implementation of UNIX. The operating system evolved in a relatively small computer-center environment, where security was not an issue. It eventually grew to serve hundreds of users from different organizations. At first, developers made creation modes for key files more restrictive, especially for cases of actual security breaches, but this was not a general solution. The mask and the umask command were introduced around 1978, in the seventh edition of the operating system,^[1] so it could allow sites, groups and individuals to choose their own defaults. The mask has since been implemented in most, if not all, of the contemporary implementations of Unix-like operating systems.

Shell command

In a shell, the mask is set by using the umask command. The syntax of the command is:^[2]

umask[-S][maskExpression]

(The items within the brackets are optional.)

Displaying the current mask

If the umask command is invoked without any arguments, it will display the current mask. The output will be in either octal or symbolic notation, depending on the OS.^[3]

In most shells, but not the C shell, the -S argument (i.e. umask -S) will instruct umask to display using symbolic notation. For example:

$umask# display current value (as octal)0022 $umask-S# display current value symbolicallyu=rwx,g=rx,o=rx

Setting the mask using octal notation

If the umask command is invoked with an octal argument, it will directly set the bits of the mask to that argument:

$umask007# set the mask to 007 $umask# display the mask (in octal)0007#   0 - special permissions (setuid | setgid | sticky )#   0 - (u)ser/owner part of mask#   0 - (g)roup part of mask#   7 - (o)thers/not-in-group part of mask $umask-S# display the mask symbolicallyu=rwx,g=rwx,o=

If fewer than 4 digits are entered, leading zeros are assumed. An error will result if the argument is not a valid octal number or if it has more than 4 digits.^[4] The three rightmost octal digits address the "owner", "group" and "other" user classes respectively. If a fourth digit is present, the leftmost (high-order) digit addresses three additional attributes, the setuid bit , the setgid bit and the sticky bit .

Octal codes

Octal digit in `umask` command	Permissions the mask will prohibit from being set during file creation
`0`	any permission may be set (read, write, execute)
`1`	setting of execute permission is prohibited (read and write)
`2`	setting of write permission is prohibited (read and execute)
`3`	setting of write and execute permission is prohibited (read only)
`4`	setting of read permission is prohibited (write and execute)
`5`	setting of read and execute permission is prohibited (write only)
`6`	setting of read and write permission is prohibited (execute only)
`7`	all permissions are prohibited from being set (no permissions)

Setting the mask using symbolic notation

When umask is invoked using symbolic notation, it will modify or set the flags as specified by the maskExpression with the syntax:

[user-class-letters] operatorpermission-symbols

Note that this syntax does not work when using the C shell due to the different behaviour of its built-in umask command.

Multiple maskExpressions are separated by commas.

A space terminates the maskExpression(s).

The permissions are applied to different user classes:

Letter	Class	Description
`u`	user	the owner
`g`	group	users who are members of the file's group
`o`	others	users who are not the owner of the file or members of the group
`a`	all	all three of the above, the same as `ugo`. (The default if no user-class-letters are specified in the maskExpression.)

The operator specifies how the permission modes of the mask should be adjusted.

Operator	Effect on the mask
`+`	permissions specified are enabled, permissions that are not specified are unchanged.
`-`	permissions specified are prohibited from being enabled, permissions that are not specified are unchanged.
`=`	permissions specified are enabled, permissions that are not specified are prohibited from being enabled.

The permission-symbols indicate which file permission settings are to be allowed or prohibited by the mask.

Symbol	Name	Description
`r`	read	read a file or list a directory's contents
`w`	write	write to a file or directory
`x`	execute	execute a file or recurse a directory tree
`X`	special execute	See Symbolic modes.
`s`	setuid/gid	See File permissions.
`t`	sticky	See File permissions.

For example:

umasku-w

Prohibit write permission from being set for the user. The rest of the flags in the mask are unchanged.

Example of multiple changes:

umasku-w,g=r,o+r

This would set the mask so that it would:

prohibit the write permission from being set for the user, while leaving the rest of the flags unchanged;
allow the read permission to be enabled for the group, while prohibiting write and execute permission for the group;
allow the read permission to be enabled for others, while leaving the rest of the other flags unchanged.

Command line examples

Here are more examples of using the umask command to change the mask:

`umask` command issued	How the mask will affect permissions of subsequently created files/directories
`umask a+r`	allows read permission to be enabled for all user classes; the rest of the mask bits are unchanged
`umask a-x`	prohibits enabling execute permission for all user classes; the rest of the mask bits are unchanged
`umask a+rw`	allows read or write permission to be enabled for all user classes; the rest of the mask bits are unchanged
`umask +rwx`	allows read, write or execute permission to be enabled for all user classes. (Note: On some UNIX platforms, this will restore the mask to a default.)
`umask u=rw,go=`	allow read and write permission to be enabled for the owner, while prohibiting execute permission from being enabled for the owner; prohibit enabling any permissions for the group and others
`umask u+w,go-w`	allow write permission to be enabled for the owner; prohibit write permission from being enabled for the group and others;
`umask -S`	display the current mask in symbolic notation
`umask 777`	disallow read, write, and execute permission for all (probably not useful because even owner cannot read files created with this mask!)
`umask 000`	allow read, write, and execute permission for all (potential security risk)
`umask 077`	allow read, write, and execute permission for the file's owner, but prohibit read, write, and execute permission for everyone else
`umask 113`	allow read or write permission to be enabled for the owner and the group, but not execute permission; allow read permission to be enabled for others, but not write or execute permission
`umask 0755`	equivalent to `u-rwx,go=w`. (The `0` specifies that the special modes (setuid, setgid, sticky) may be enabled.)

Example showing effect of umask:

$ umask-S# Show the (frequently initial) setting u=rwx,g=rx,o=rx$ gcchello.c# compile and create executable file a.out$ ls-la.out-rwxr-xr-x  1 me  developer  6010 Jul 10 17:10 a.out $ # the umask prohibited Write permission for Group and Others$ ls>listOfMyFiles# output file created by redirection does not attempt to set eXecute$ ls-llistOfMyFiles -rw-r--r--  1 me  developer  6010 Jul 10 17:14 listOfMyFiles $ # the umask prohibited Write permission for Group and Others$ ############################################################$ umasku-w# remove user write permission from umask$ umask-S u=rx,g=rx,o=rx$ ls>protectedListOfFiles $ ls-lprotectedListOfFiles -r--r--r--  1 me  developer  6010 Jul 10 17:15 protectedListOfFiles $ rmprotectedListOfFiles override r--r--r-- me/developer for protectedListOfFiles? $ # warning that protectedListOfFiles is not writable, answering Y will remove the file$ #####################################################################################$ umaskg-r,o-r# removed group read and other read from mask$ umask-S u=rx,g=x,o=x$ ls>secretListOfFiles $ ls-lsecretListOfFiles -r--------  1 me  developer  6010 Jul 10 17:16 secretListOfFiles

Mask effect

The mask is applied whenever a file is created. If the mask has a bit set to "1", that means the corresponding file permission will always be disabled when files are subsequently created. A bit set to "0" in the mask means that the corresponding permission will be determined by the requesting process and the OS when files are subsequently created. In other words, the mask acts as a last-stage filter that strips away permissions as a file is created; each bit that is set to a "1" strips away that corresponding permission for the file.

How the mask is applied

How digits in the `umask` command appears in the mask and eventually affects a program's request for creating a file with e.g. full (`rwx`) permissions
digit in `umask` command	Binary in the mask	Negation of mask	Logical AND with "rwx" request^[5]
0	000	111	rwx
1	001	110	rw-
2	010	101	r-x
3	011	100	r--
4	100	011	-wx
5	101	010	-w-
6	110	001	--x
7	111	000	---

Programmatically, the mask is applied by the OS by first negating (complementing) the mask, and then performing a logical AND with the requested file mode. In the [probably] first UNIX manual to describe its function,^[6] the manual says,

the actual mode... of the newly-created file is the logical and of the given mode and the complement of the argument. Only the low-order 9 bits of the mask (the protection bits) participate. In other words, the mask shows [indicates] the bits to be turned off when files are created.
— UNIX Eighth Edition Manual, Bell Labs UNIX (manual), AT&T Laboratories

Exceptions

Many operating systems do not allow a file to be created with execute permissions. In these environments, newly created files will always have execute permission disabled for all users.

The mask is generally only applied to functions that create a new file; however, there are exceptions. For example, when using UNIX and GNU versions of chmod to set the permissions of a file, and symbolic notation is used, and no user is specified, then the mask is applied to the requested permissions before they are applied to the file. For example:

$ umask0000$ chmod+rwxfilename $ ls-lfilename -rwxrwxrwx filename$ umask0022$ chmod+rwxfilename $ ls-lfilename -rwxr-xr-x filename

Processes

Each process has its own mask, which is applied whenever the process creates a new file. When a shell, or any other process, spawns a new process, the child process inherits the mask from its parent process.^[7] When the process is a shell, the mask is changed by the umask command. As with other processes, any process launched from the shell inherits that shell's mask.

Mount option

In the Linux kernel, the fat, hfs, hpfs, ntfs, and udf file system drivers support a umask mount option, which controls how the disk information is mapped to permissions. This is not the same as the per-process mask described above, although the permissions are calculated in a similar way. Some of these file system drivers also support separate masks for files and directories, using mount options such as fmask .

Related Research Articles

A shell script is a computer program designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be scripting languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper.

In Unix and Unix-like operating systems, chmod is the command and system call used to change the access permissions and the special mode flags of file system objects. Collectively these were originally called its modes, and the name chmod was chosen as an abbreviation of change mode.

In computing, tar is a computer software utility for collecting many files into one archive file, often referred to as a tarball, for distribution or backup purposes. The name is derived from "tape archive", as it was originally developed to write data to sequential I/O devices with no file system of their own, such as devices that use magnetic tape. The archive data sets created by tar contain various file system parameters, such as name, timestamps, ownership, file-access permissions, and directory organization. POSIX abandoned tar in favor of pax, yet tar sees continued widespread use.

In computing, ls is a command to list computer files and directories in Unix and Unix-like operating systems. It is specified by POSIX and the Single UNIX Specification.

A newline is a control character or sequence of control characters in character encoding specifications such as ASCII, EBCDIC, Unicode, etc. This character, or a sequence of characters, is used to signify the end of a line of text and the start of a new one.

An environment variable is a user-definable value that can affect the way running processes will behave on a computer. Environment variables are part of the environment in which a process runs. For example, a running process can query the value of the TEMP environment variable to discover a suitable location to store temporary files, or the HOME or USERPROFILE variable to find the directory structure owned by the user running the process.

In computing, a hard link is a directory entry that associates a name with a file. Thus, each file must have at least one hard link. Creating additional hard links for a file makes the contents of that file accessible via additional paths. This causes an alias effect: a process can open the file by any one of its paths and change its content. By contrast, a soft link or “shortcut” to a file is not a direct link to the data itself, but rather a reference to a hard link or another soft link.

fstab is a system file commonly found in the directory /etc on Unix and Unix-like computer systems. In Linux, it is part of the util-linux package. The fstab file typically lists all available disk partitions and other types of file systems and data sources that may not necessarily be disk-based, and indicates how they are to be initialized or otherwise integrated into the larger file system structure.

In computing, cp is a command in various Unix and Unix-like operating systems for copying files and directories. The command has three principal modes of operation, expressed by the types of arguments presented to the program for copying a file to another file, one or more files to a directory, or for copying entire directories to another directory.

stat is a Unix system call that returns file attributes about an inode. The semantics of stat vary between operating systems. As an example, Unix command ls uses this system call to retrieve information on files that includes:

The Unix and Linux access rights flags setuid and setgid allow users to run an executable with the file system permissions of the executable's owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.

Most file systems include attributes of files and directories that control the ability of users to read, change, navigate, and execute the contents of the file system. In some cases, menu options or functions may be made visible or hidden depending on a user's permission level; this kind of user interface is referred to as permission-driven.

The seven standard Unix file types are regular, directory, symbolic link, FIFO special, block special, character special, and socket as defined by POSIX. Different OS-specific implementations allow more types than what POSIX requires. A file's type can be identified by the ls -l command, which displays the type in the first character of the file-system permissions field.

Multi-Environment Real-Time (MERT), later renamed UNIX Real-Time (UNIX-RT), is a hybrid time-sharing and real-time operating system developed in the 1970s at Bell Labs for use in embedded minicomputers. A version named Duplex Multi Environment Real Time (DMERT) was the operating system for the AT&T 3B20D telephone switching minicomputer, designed for high availability; DMERT was later renamed Unix RTR.

In Unix-like operating systems, find is a command-line utility that locates files based on some user-specified criteria and either prints the pathname of each matched object or, if another action is requested, performs that action on each matched object.

The chgrp command may be used by unprivileged users on various operating systems to change the group associated with a file system object to one of which they are a member. A file system object has 3 sets of access permissions, one set for the owner, one set for the group and one set for others. Changing the group of an object could be used to change which users can write to a file.

File attributes are a type of meta-data that describe and may modify how files and/or directories in a filesystem behave. Typical file attributes may, for example, indicate or specify whether a file is visible, modifiable, compressed, or encrypted. The availability of most file attributes depends on support by the underlying filesystem where attribute data must be stored along with other control structures. Each attribute can have one of two states: set and cleared. Attributes are considered distinct from other metadata, such as dates and times, filename extensions or file system permissions. In addition to files, folders, volumes and other file system objects may have attributes.

In computing, the sticky bit is a user ownership access right flag that can be assigned to files and directories on Unix-like systems.

chattr is the command in Linux that allows a user to set certain attributes of a file. lsattr is the command that displays the attributes of a file.

Qshell is an optional command-line interpreter (shell) for the IBM i operating system. Qshell is based on POSIX and X/Open standards. It is a Bourne-like shell that also includes features of KornShell. The utilities are external programs that provide additional functions. The development team of Qshell had to deal with platform-specific issues such as translating between ASCII and EBCDIC. The shell supports interactive mode as well as batch processing and can run shell scripts from Unix-like operating systems with few or no modifications.

References

↑ "UNIX 7th Edition Manual, Bell Labs UNIX". Manual. AT&T Laboratories. Retrieved 2019-05-14.
↑ Olczak, Anatole (2019-06-09). "Korn Shell: Unix and Linux Programming Manual". Oreilly. Addison-Wesley Professional. Retrieved 2013-01-14.
↑ "umask", The Single UNIX Specification, Version 2 (manual), The Open Group, 1997, retrieved 2013-01-14
↑ Note: Some programming languages require a prefix symbol in front of octal notation such as the digit 0, or the letters o or q. The umask command does not use this type of prefix notation – only the octal digits are used.
↑ Note: Operating systems usually will also strip off execute permissions on newly created files.
↑ "UNIX 8th Edition Manual, Bell Labs UNIX". Manual. AT&T Laboratories. Retrieved 2013-01-14.
↑ "umask(2)", Linux Programmer's Manual release 3.32 (manual), Linux man-pages project, 9 January 2008, retrieved 2013-01-01

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[UNIXseventh-1] "UNIX 7th Edition Manual, Bell Labs UNIX". Manual. AT&T Laboratories. Retrieved 2019-05-14.

[ATTumask-2] Olczak, Anatole (2019-06-09). "Korn Shell: Unix and Linux Programming Manual". Oreilly. Addison-Wesley Professional. Retrieved 2013-01-14.

[SUSumask-3] "umask", The Single UNIX Specification, Version 2 (manual), The Open Group, 1997, retrieved 2013-01-14

[4] Note: Some programming languages require a prefix symbol in front of octal notation such as the digit 0, or the letters o or q. The umask command does not use this type of prefix notation – only the octal digits are used.

[5] Note: Operating systems usually will also strip off execute permissions on newly created files.

[UNIXeighth-6] "UNIX 8th Edition Manual, Bell Labs UNIX". Manual. AT&T Laboratories. Retrieved 2013-01-14.

[manpages-7] "umask(2)", Linux Programmer's Manual release 3.32 (manual), Linux man-pages project, 9 January 2008, retrieved 2013-01-01

[1]

[2]

[3]

[4]

[5]

[6]

[7]

v t e Unix command-line interface programs and shell builtins
File system	cat chattr chmod chown chgrp cksum cmp cp dd du df file fuser ln ls mkdir mv pax pwd rm rmdir split tee touch type umask
Processes	at bg crontab fg kill nice ps time
User environment	env exit logname mesg talk tput uname who write
Text processing	awk basename comm csplit cut diff dirname ed ex fold head iconv join m4 more nl paste patch printf read sed sort strings tail tr troff uniq vi wc xargs
Shell builtins	alias cd echo test unset wait
Searching	find grep
Documentation	man
Software development	ar ctags lex make nm strip yacc
Miscellaneous	bc cal expr lp od sleep true and false
Categories Standard Unix programs Unix SUS2008 utilities List