UNIX has a laissez-faire philosophy with regards to users, viz. UNIX tries to not have many policy decisions affect users. This is great; policies change as the times and our environs change, and our use of a system is not bound to some out-moded policy.

But, there are policies in UNIX, and the one I just wrangled with is a security policy.I have a program (Postfix), which appears to not properly process deferred email unless the deferred queue file has owner-executable bit set in the file permissions. I thought, no worries, I'll just set the umask for the mail user to 0077, which will cause postfix to create files with permissions 0700. How wrong I was. This wouldn't set the executable bit. So I made sure the error occurred in bash, tcsh, and ash, and it was present in all three. Next, I man -a umask and found out that the file mode of creation is binary AND'd with the umask of the process. This answered my problem as it appears that Postfix does not set the executable bit in queue files. Which makes sense as they are not meant to be executable files. So now I have a Postfix bug, and I have to run find /var/spool/postfix/deferred/ -type f -exec chmod 0700 {} \; in a cronjob to make sure the queue is handled properly.