Re: Q: Package login security problem?

On lun., 2015-12-21 at 10:11 +0100, Hans wrote: > Dear security-team, > > I am wondering, why the paramter for umask is set to 022 in /etc/login.defs > by  > default. I've already replied to this, see my previous mail <1450336571.28015.0.camel@d ebian.org> Regards, -- Yves-Alexis signature.a

Q: Package login security problem?

Dear security-team, I am wondering, why the paramter for umask is set to 022 in /etc/login.defs by default. This means, all new files in the /home of a user gets rw-r--r--. IMO this means, the user can read and write, his own group can read and the rest of the world can also read these files.