FILE_PERMISSIONS groupID#pmodeA#...#pmodeZ
Permits default file permissions to be assigned to one or more groups including two special groups: WORLD and OWNER. The primary need for this capability is to enforce permission flags on files that have already been created without a permission mask (i.e., the permission mask is zero at file create). A zero permission mask is equivalent to granting everyone all rights:
OPF_ALL | GPF_ALL | WPF_ALL
Note: ALL does not include the special NOPASS flag that permits a file to be opened for reading without supplying the file password. To grant NOPASS permission, it must be included explicitly.
The WORLD entry applies to file opens by a user whose group(s) do not match any of the specified groups for those files without an explicit permission mask. If there is no WORLD entry, then WORLD permissions default to ALL. The OWNER entry applies to file opens by the users that created the files without an explicit permission masks.
Consider the following entries, and assume all the files in use did not have explicit permission masks at creation. Files with explicit permission masks (except for OPF_ALL | GPF_ALL | WPF_ALL) at creation are not affected by these FILE_PERMISSIONS entries.
FILE_PERMISSIONS OWNER#DEF
FILE_PERMISSIONS inventory#WRITE
FILE_PERMISSIONS ACCOUNTING#write#nopass
FILE_PERMISSIONS WORLD#NONE
In this example, the owner of a file will have READ, WRITE and DEF permissions. The owner of the file cannot delete the file. Members of the INVENTORY group have READ and WRITE permissions. Members of the ACCOUNTING group have READ and WRITE permissions and may open a file without its password (and receive READ permission only). A user who is not the owner of a file and not a member of the ACCOUNTING or INVENTORY groups will be assigned WORLD permissions, which in this case is NONE. NONE means the file cannot be opened.
If a user belongs to multiple groups, and two or more of its groups are specified with the FILE_PERMISSIONS keyword, the permissions granted to the user will be the union of the individual group permissions. However, if the user is the OWNER of the file, it receives OWNER permissions that default to ALL.