Since Tiger and Panther use, by default, a "user private group" (UPG) scheme, in which every user gets his own group, it is perfectly reasonable and secure for the default umask to be 002 (which means files are group writable by default). If you never create another group, umask values of 002 and 022 will be exactly equivalent, because there will never be a group with more than one member.
In fact, this is how many Linux distributions ship by default. Check out this nice writeup from RedHat, explaining the ins and outs of the UPG system.
To set this up for OSX 10.3 or later, all you need is to set the default umask for all users who'd like to share write access on some set of directories, create one or more custom user groups to enable such sharing, and then enable the setgid bit on one or more shared directories. Read on for a step-by-step walkthrough...
Here's how to allow sharing of any set of directories for any number of users on the same machine:
- Set the default umask to 2. You can't do this globally using the umask command in the Terminal, but rather, as mentioned in this hint, with this command:
You must do this for all users who would like to share write access to files using this scheme. You can check if it worked by logging out and back in, and typing umask in the Terminal. It should report 2 as the value.defaults write -g NSUmask 2 - Make a new group (mine is called home), and add all users who would like shared write access. To do this, launch NetInfo Manager (in Applications/Utilities), click on groups, click the lock and authenticate to make changes, and then click on the group which is the same as your username. Use Edit: Duplicate to make a copy.
Change the name of the duplicate to your chosen shared group name, and the GID to some free number (401 is a good choice, if you have no preference). Then use Directory: New Property to add the property users. Click on the newly created users property, and use Directory: New Value to add the first username who you'd like to be a member of the group. Repeat for all such users (no need to add all users, just ones who'd like shared write access). Save changes and quit.
Now wipe the sweat off your brow and write Apple an email begging for an easier tool for adding user groups. You can, of course, make multiple groups with different user membership to allow shared-write for different projects, etc. - Pick a directory (or more than one) for sharing. I use the pre-existing /Users/Shared, but any directory will do (including ones in your own /Users directory). In the Terminal, run these commands:
Change my_username to your username and shared_group to the name of the shared group you created.% sudo chown -R my_username:shared_group /Users/Shared % sudo find /Users/Shared -type d -exec chmod g+s \{} \;
The chmod g+s command is setting the set-group-id bit on all directories, which makes all newly-created files inside that directory inherit the group of their parent directory, instead of the user's current group (which will very likely be their user private group -- useless for sharing). This is very important, as many OS X file types are actually directories, and will quickly become unwritable, as different users create new sub-files which don't inherit the shared group. The nice thing is, you only have to do this once. If you have an empty /Users/Shared, then you don't need the complex find command; a simple chmod g+s /Users/Shared will set you up for good. - If you'd like to preserve the existing permission scheme for /Users/Shared (everybody can read everything, only you can modify your own files, and you can only delete your own stuff), you might consider a new directory, like /Users/SharedWrite, to use this method on.
% mv ~/Pictures/iPhoto Library ~/Pictures/iPhoto Library old
% ln -nsf /Users/Shared/Pictures/iPhoto Library ~/Pictures/
This shares an iPhoto library magically (you can also hold down Option when iPhoto starts and select that library directly). I did similar for ~/Music/iTunes. I also created a link...
% ln -s /Users/Shared/Movies ~/Movies/Shared Movies
...to have shared iMovie files in a Shared Movies folder inside of Movies. The possibilities are limitless.

