...
On POSIX-compliant systems, the permissions may be restricted by the value of the POSIX umask() function [Open Group 2004IEEE Std 1003.1:2013].
The operating system modifies the access permissions by computing the intersection of the inverse of the umask and the permissions requested by the process [Viega 2003]. For example, if the variable requested_permissions contained the permissions passed to the operating system to create a new file, the variable actual_permissions would be the actual permissions that the operating system would use to create the file:
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
| [CVE] | |||
| [Dowd 2006] | Chapter 9, "UNIX 1: Privileges and Files" | ||
| [IEEE Std 1003.1:2013] | XSH, System Interfaces, openXSH, System Interfaces, umask | ||
| [ISO/IEC 9899:2011] | Subclause K.3.5.2.1, "The fopen_s Function" | ||
| [OpenBSD] | [Open Group 2004] | "The open Function""The umask Function" | |
| [Viega 2003] | Section 2.7, "Restricting Access Permissions for New Files on UNIX" |
...