Set the default protection to newly created directories and files in Unix

The umask command, when placed in the .cshrc file (for the csh and tcsh shells), the .profile file (for the Korn shell), or the .bash_profile file (for the bash shell), acts as a umask that screens out permissions automatically each time you create a new directory or file in your account. If a directory is readable, writable, and executable by the owner, a selected group of users, and everyone on the system, its octal permission is 777. If a file is readable and writable by the owner, a selected group of users, and everyone on the system, its octal permission is 666. The umask command is followed with a number that is subtracted from 777 on directories, and from 666 on files. The result gives the default protection for new directories and files.

Place the following line in a .cshrc, .profile, or .bash_profile, or to set the default permissions for directories and files in your account:

 umask 022

Using this line, all new directories created in your account are given a default protection of 755 (that is, 777 - 022), which grants read, write, and execute permission to the owner of the directory, and read and execute permission to the group and others. New files created in your account are given a default protection of 644 (that is, 666 - 022), which grants read and write permission to the owner of the file, and read permission to the group and others.

By default, most shells set the umask to 022, giving you write and read permissions, and others read permissions on new directories and files. To determine what the current umask setting is, at the Unix prompt, enter:

 umask