php umask(0) what is the purpose

What is the purpose of using umask(0); in php?

I have seen this a few times, and cant figure out from the documentation what it precisely does.

Can someone explain this and when it would be useful to use?


Solution 1:

Setting the umask to 0000 (or just 0) means that newly created files or directories created will have no privileges initially revoked. In other words, a umask of zero will cause all files to be created as 0666 or world-writable. Directories created while umask is 0 will be 0777.

Usually when you see umask(0) it should be followed directly by a call to chmod() to explicitly set the permissions needed on the newly created file or directory to something other than world-writable.

Use caution when setting the umask to zero! This can be dangerous and is mostly only useful for creating files which must be later written to by the web server, when the web server runs as a different user that a "real" user who will also need to be able to modify the files created by the web server. Otherwise, the system's default umask is likely to be something like 0022, writable by the file owner but not others. In that case, if you logged into the machine under a normal user account, the file created by the web server under PHP would not be writable by you.

Rather than creating world-writable files, it is generally a better idea to manage the directories the web server is writing to more explicitly. If the files created inside a directory should have certain group permissions, it may be advisable to set the sgid bit on the directory so new files inside it inherit group ownership. Users needing access to the file should be members of the group having access to it. This is much more secure than creating world-readable, world-writable files.

php > umask(0);
// Should get created as 666
php > touch('file1.txt');

// "2" perms revoked from group, others, gets created as 644
php > umask(022);
php > touch('file2.txt');

// All revoked (2,4) from group, others, gets created as 600
php > umask(066);
php > touch('file3.txt');

-rw-rw-rw-   1 me  group     0 Aug 24 15:34 file1.txt
-rw-r--r--   1 me  group     0 Aug 24 15:35 file2.txt
-rw-------   1 me  group     0 Aug 24 15:37 file3.txt

Solution 2:

The umask is basically a default setting for creating files. In essence it is safer to turn your default chmod on and then write the file than write it and then chmod it (some say). At the end of the day the time between finishing writing the file and running chmod would be miliseconds at best so I am sceptical about this.

umask() sets PHP's umask to mask & 0777 and returns the old umask

It basically sets default write permissions to whatever you put in on OS's such as Linux and then returns the old one so you can reset it back. This applies to the PHP process itself.

The comments on the doc page: http://php.net/manual/en/function.umask.php will clarify by example.