Setting Umask during installation

When installing OpenEdge, what should the umask setting be?
Can all world ('other') write permissions be removed from the progress installation files.
How to prevent tampering with the OpenEdge install media?
When OpenEdge is installed as root the install files are open (777) which could allow unexpected additional install on the machine

OpenEdge installations should be done as Root.  During the installation, setting a Umask can easily prevent non-root users from being able to modify the installation. Umask takes away permissions depending on bitness and the level used. The following diagram shows the results of entering each number in a Umask command and the effects on permissions.



Examples:
If permissions should only be open for root, to restrict other users then a 022 Umask can be used to take away write permissions for everyone but root.

If there is a group for root that should have write permissions then a 002 Umask would work.

Progress Articles:

 Why Progress requires their executables to be owned by ROOT and have the SETUID bit set.  
 Who should own a process which has the SETUID ROOT bit on and a ps command is run?    
 How to change the umask value for PASOE