On Mon, 15 Jul 2024, Jeffrey Walton wrote:
Debian is a multi-user operating system. Decisions should be made accordingly. I suppose umask is a moot point on phones and tablets, where single-user is often the use case.
umask 077 can come with its own problems when using shared directories. years ago I used to use cvs pserver specifically to finesse this problem. Now that (almost) everybody uses a remote git server it's less relevant there. I'm not a sudo user but IIUC, root inherits the umask, which can then cause problems when things can't read config files that should be world readable. Rather than change umask, I'd suggest that the better change is to make home directories 0700 by default. If that is the wrong choice then it only has to be fixed once per user. Creating 'world/group' readable files with too restrictive permissions never goes away.
