Fred, Gosh such high praise. But let me make this perfectly clear, everything I know about this subject has come from you so I'm an imperfect reflection of your teachings.
viking777, that really is old school. It's just separating umask into the component parts depending on whether the object is a directory (dmask) or a file (fmask) and it works the same way as umask does.
So a dmask=0022 will turn off write to group and others so all the resulting directories will have permissions of 755
And an fmask=0133 will turn off execute for owner and turn off execute and write for everyone else so the resulting file will have permissions of 644.
In it's purest sense this is exactly the way it should be and replicates what happens by default in a linux filesystem.
The problem with a umask=000 is that it allows all objects to have permissions of 777. You want a 7 on a directory because that enables the execute bit and an execute on a folder means you can open it to see what's inside. But a 7 on a file means you can actually execute it.
I guess it depends on how you're using the ntfs partition. If it's a Windows partition then it's unlikely that a windows executable is going to do any harm to your linux system. But if you have an ntfs partition that is being used to backup your linux system ( and I can't imagine why you would do that ) then it might be a concern. I never use these personally but there's only one user per box here so it's really not a problem to be fixed.
Lordy, I hope I got all that right