What is the purpose of using umask(0);
in php?
I have seen this a few times, and cant figure out from the documentation what it precisely does.
Can someone explain this and when it would be useful to use?
The umask() function changes the file permissions for files. This function sets PHP's umask to mask & 0777 and returns the old umask.
umask (user file-creation mode) is a Linux command that lets you set up default permissions for newly created files and folders. 2. A user-defined permissions 'mask'. A user can choose how to restrict permissions by using a permissions mask.
Setting the umask
to 0000
(or just 0
) means that newly created files or directories created will have no privileges initially revoked. In other words, a umask
of zero will cause all files to be created as 0666
or world-writable. Directories created while umask
is 0
will be 0777
.
Usually when you see umask(0)
it should be followed directly by a call to chmod()
to explicitly set the permissions needed on the newly created file or directory to something other than world-writable.
Use caution when setting the umask to zero! This can be dangerous and is mostly only useful for creating files which must be later written to by the web server, when the web server runs as a different user that a "real" user who will also need to be able to modify the files created by the web server. Otherwise, the system's default umask is likely to be something like 0022
, writable by the file owner but not others. In that case, if you logged into the machine under a normal user account, the file created by the web server under PHP would not be writable by you.
Rather than creating world-writable files, it is generally a better idea to manage the directories the web server is writing to more explicitly. If the files created inside a directory should have certain group permissions, it may be advisable to set the sgid bit on the directory so new files inside it inherit group ownership. Users needing access to the file should be members of the group having access to it. This is much more secure than creating world-readable, world-writable files.
php > umask(0); // Should get created as 666 php > touch('file1.txt'); // "2" perms revoked from group, others, gets created as 644 php > umask(022); php > touch('file2.txt'); // All revoked (2,4) from group, others, gets created as 600 php > umask(066); php > touch('file3.txt'); -rw-rw-rw- 1 me group 0 Aug 24 15:34 file1.txt -rw-r--r-- 1 me group 0 Aug 24 15:35 file2.txt -rw------- 1 me group 0 Aug 24 15:37 file3.txt
The umask is basically a default setting for creating files. In essence it is safer to turn your default chmod on and then write the file than write it and then chmod it (some say). At the end of the day the time between finishing writing the file and running chmod would be miliseconds at best so I am sceptical about this.
umask() sets PHP's umask to mask & 0777 and returns the old umask
It basically sets default write permissions to whatever you put in on OS's such as Linux and then returns the old one so you can reset it back. This applies to the PHP process itself.
The comments on the doc page: http://php.net/manual/en/function.umask.php will clarify by example.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With