Re: UMASK 002 or 022?
On Thu, Jun 29, 2017 at 7:43 PM, <firstname.lastname@example.org> wrote:
> The wider community doesn't seem that concerned with the fact that all
> Debian and Ubuntu users are now (with the most recent stable releases)
> completely unable to change their default umask (and further have a default
> setting that gives the world read access to all their documents). I think
> this needs to be viewed as a security issue.
> Even with the premise that the average Linux user is more computer competent
> than the average Windows or Mac user, I still don't think it's a fair
> assumption that all linux users know all about umask and permissions. Due to
> this, many users may unwittingly create "guest" accounts or friend accounts
> on their computers unknowingly giving read access to all documents they've
> created. This is not an uncommon practice in university contexts especially.
> Same goes if there's any sort of remote access going on through SSH etc.
> This issue strikes me as something that should be of higher concern to the
> Someone mentioned changing the permissions on one's home folder. That just
> adds insult to injury that by default everyone's home folder let's the world
> have read access along with all files being created with read access. It's
> poor privacy and security policy. The average computer-user assumes that
> other account holders can't read their "stuff" unless they do something to
> allow that person to read their stuff. But this is completely untrue on
> Debian Stretch and Ubuntu 17.04.
Are you saying that default permissions for home dirs in Debian is 755?
Feel free to CC me.
May The Source be with You.