# Some apps ignore my .bashrc

## Nordog

I've been looking into ways to secure my home directory and I want my default file privileges to be so that only I can read and modify them. Therefore in my .bashrc I have the line

```
umask 077
```

However, these settings are routinely ignored by various applications, for example Kate and other KDE apps and openoffice, and also when I log in through ssh.

Is there any way for my to ensure that all my files will indeed have the aforementioned permissions?

----------

## chrbecke

Nordog,

there are two different config files read when a shell is started: ~/.bashrc for interactive shells and ~/.bash_profile for login shells (see man bash for details).

Try one of the following:

a) put the umask setting in ~/.bash_profile as well

b) make sure you've got the line 

```
[[ -f ~/.bashrc ]] && . ~/.bashrc
```

 at the end of your ~/.bash_profile

I'd recommend solution b), because you'll only have to maintain your umask setting in one place, i.e. ~/.bashrc.

This should solve your problem at least for ssh, not sure about OpenOffice and KDE apps, though.

HTH,

chrbecke

----------

## Nordog

Thanks for the tip. Now files greated through an ssh session have the correct permissions. It doesn't help with the KDE, openoffice etc apps.

Of course the .bash* settings only apply to work done in a bash environment. Is there no way to configure apps to create files with specific privileges. I mean, why are they world readable by default in the first place anyway?

----------

## gsoe

As far as I know it should be possible to configure KDE through the /usr/kde/3.5/share/config/kdm/Xsession which also sources the $HOME/.xprofile if it exists, but I didn't get it working yet, and I don't know whether it will affect e.g. openoffice. Anyway, it's something to investigate.

If you go for a systemwide umask, then there's an umask 022 statement in /etc/profile that you can alter. I've tried it out and it works allright. At the site http://www.faqs.org/docs/Linux-HOWTO/Config-HOWTO.html there's an example /etc/profile with an umask setting that differentiates root and regular user settings:

```
# first: root or normal user? Set PATH and umask accordingly. Note that the

# PATH is normally set by login (1), but what if you access the machine

# via ssh?

if [ $(id -gn) = $(id -un) -a $(id -u) -gt 14 ]; then

  umask 002  # normal user

  PATH="/usr/local/bin:/bin:/usr/bin:."

else

  umask 022  # root

  PATH="/sbin:/bin:/usr/sbin:/usr/bin"

fi
```

Hope the above will give you some ideas...

----------

## Hu

 *Nordog wrote:*   

> Thanks for the tip. Now files greated through an ssh session have the correct permissions. It doesn't help with the KDE, openoffice etc apps.
> 
> Of course the .bash* settings only apply to work done in a bash environment. Is there no way to configure apps to create files with specific privileges. I mean, why are they world readable by default in the first place anyway?

 

The umask setting is inherited.  If you use a display manager, then programs you start through the window manager may not have bash anywhere in their ancestry, and so will not have picked up the umask from your bash script.  gsoe is already helping you with this, so I will not go into it further.

The files are world readable because it some people may want them that way, and with the way permissions are handled, it is easier to let the application specify a loose mask, such as 664 or 775, and let the user's umask lock it down to something more restrictive.  As far as I know, there is no equivalent and easy way for the application to default to restrictive and let the trusting users open up their permissions.  Doing so would require the applications to individually look up what permissions the user wanted, whereas the umask setting is inherited and thus easily supported even by very simple programs.

----------

## Mantaar

As Hu already said, KDE and every Application launched from within KDE will ignore your .bashrc, simply, because it isn't executed. Simple environment control and the like were one reason for me to switch to slim and .xinitrc...   :Rolling Eyes: 

When you launch kate or openoffice from console (the latter with the command 'ooffice') you should in fact get appropriate results. If you don't want to alter your system wide umask, you will have to peek into your login manager's manpage. It is very likely it will just run some scripts before running the Desktop Manager and you can then just put a umask command right before the DM gets started.

----------

