diff --git a/INSTALL.md b/INSTALL.md
index 50678c0e..30f080ec 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -88,3 +88,6 @@ $ cd cowrie/data
 $ ssh-keygen -t dsa -b 1024 -f ssh_host_dsa_key
 ```
 
+* Default file permissions
+To make Cowrie logfiles public readable, change the ```--umask 0077``` option in start.sh into ```--umask 0022```
+*
diff --git a/start.sh b/start.sh
index e6f66570..f0cff1af 100755
--- a/start.sh
+++ b/start.sh
@@ -28,7 +28,7 @@ fi
 echo "Starting cowrie in the background..."
 if [ $AUTHBIND_ENABLED = "no" ]
 then
-    twistd -l log/cowrie.log --pidfile cowrie.pid cowrie
+    twistd -l log/cowrie.log --umask 0077 --pidfile cowrie.pid cowrie
 else
-    authbind --deep twistd -l log/cowrie.log --pidfile cowrie.pid cowrie
+    authbind --deep twistd -l log/cowrie.log --umask 0077 --pidfile cowrie.pid cowrie
 fi