On 5/17/06, Eric Fox <eric@bsdsystems.com> wrote:
> I had misunderstood this to be an ownership issue.  As far as I know,
> the only option you have is to make sure umask is set correctly in the
> global shell setup files (/etc/profile, /etc/csh.login, etc), but a user
> can still reset or change their umask in their personal rc files.
> Leaving you with running a chmod command via cron as the only way to be
> SURE that the files maintain the correct permissions.
>

Here's a demo of what's been talked about.
I'm pretty sure setuid and getgid should only affect executables, not
creation under directories. (unless you create them with an executable
that has setgid)
And the sticky bit makes a directory append-only.

NetBSD gomez 3.99.17 NetBSD 3.99.17 (GOMEZ) #5: Fri Mar 31 11:04:15 EST 200=
6

$ id
uid=3D1000(msporled) gid=3D100(users) groups=3D0(wheel),100(users),1000(www=
),1001(cvs)
$ umask
022

$ mount
/dev/wd0a on / type ffs (soft dependencies, local)
kernfs on /kern type kernfs (local)

$ ls -l /usr/home|grep msporled
drwxr-xr-x  12 msporled  users  1024 May 15 13:54 msporled
$ pwd
/usr/home/msporled
$ touch file1
$ ls -l file1
-rw-r--r--  1 msporled  users  0 May 17 09:43 file1

$ ls -l /usr/home|grep cvs
drwxrwxr-x   5 nobody    cvs     512 May 17 09:42 cvs
$ touch file2
$ ls -l file2
-rw-r--r--  1 msporled  cvs  0 May 17 09:44 file2

$ umask 002
$ touch file3
$ ls -l file3
-rw-rw-r--  1 msporled  cvs  0 May 17 09:49 file3