One possible correction: login.conf might be a better place than what I suggested earlier. Either way, would require thinking through it by someone more knowledgeable.
On 2021-05-01 09:37:51-0600, Luke A. Call <luke...@onemodel.org> wrote: > I have been wondering for a long time (and did some searches) if it > would make sense for obsd to have a default umask of 0077, in the > /etc/profile or /etc/skel files on new installs, or what I'm missing. > > I imagine it helping a new user who hasn't learned yet about umask, to > not create files readable by all other users, until ready for > that, thus being even more secure by default. Maybe the default > permissions on new home directories already covers that issue? Yet > there are possible files in the /tmp folder; I don't know in all cases > which is why I set my own system with 0077. > > I've been running that way and the only problem I've noticed (so far) is > in some uses of pkg_add I had to set the umask back to 0022 first and > reset it after, for some things to work, which I did in a wrapper script. > > Most likely it's just about my ignorance. Thanks. > > ps: thanks for 6.9 etc!
