How to set Daemon umask

Edit the file /etc/sysconfig/init, and add or correct the following line:

umask 027

The settings file /etc/sysconfig/init contains settings which apply to all processes started at boot time.

The system umask must be set to at least 022, or daemon processes may create world-writable files. The more restrictive setting 027 protects files, including temporary files and log files, from unauthorized reading by unprivileged users on the system. If a particular daemon needs a less restrictive umask, consider editing the startup script or sysconfig file of that
daemon to make a specific exception.

Comments are closed.