Dear security-team,

I am wondering why the parameter for umask is set to 022 in /etc/login.defs by default.

This means all new files in the /home of a user get rw-r--r--. IMO this means the user can read and write, his own group can read, and the rest of the world can also read these files. I think this is not a good policy. On a system with several users, maybe I do not want other users to read my files, i.e. documents, mails, letters, whatever. So IMHO it should be preconfigured that all files get rw-r-----. Doing so, a user can be allowed to be entered into the group of the user in case he might be allowed to read the files from the other user.

If I am wrong in my thoughts and if I have not understood something correctly, I will be happy if you will enlighten me.

Thanks for reading and your hard work!

Best regards
Hans
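The effect of the umask setting discussed in the message above, as an added example that is not part of the original message: it creates a file and a directory under a given umask, reports the resulting mode, and lists files under a directory that "other" can read. The value 027 is an assumption (one umask that yields the rw-r----- mode the message asks for), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. 022 is the default quoted from /etc/login.defs in the message;
# 027 and 077 are assumed alternatives chosen for comparison.

# mode_under_umask UMASK file|dir
# Create a new file or directory under UMASK in a scratch directory and
# print its nine permission characters (e.g. rw-r--r--).
mode_under_umask() {
    (
        umask "$1" || exit 1
        scratch=$(mktemp -d) || exit 1
        if [ "$2" = "dir" ]; then
            mkdir "$scratch/new"      # requested mode 777, minus umask bits
        else
            : > "$scratch/new"        # requested mode 666, minus umask bits
        fi
        # Column 1 is the file type; columns 2-10 are the permission bits.
        ls -ld "$scratch/new" | cut -c2-10
        rm -rf "$scratch"
    )
}

# world_readable_files DIR
# List regular files under DIR that have the "other: read" bit set,
# i.e. files any local account may read if it can reach the path.
world_readable_files() {
    find "$1" -type f -perm -004
}

# Demonstration: compare the default with two stricter values.
for mask in 022 027 077; do
    printf 'umask %s  file: %s  dir: %s\n' "$mask" \
        "$(mode_under_umask "$mask" file)" \
        "$(mode_under_umask "$mask" dir)"
done
```

A umask only affects files created after it is set; `world_readable_files "$HOME"` shows what already exists with the read bit for others.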

