
Q: Package login security problem?



Dear security-team,

I am wondering why the parameter for umask is set to 022 in /etc/login.defs by
default.

This means all new files in the /home of a user get rw-r--r--.

IMO this means, the user can read and write, his own group can read and the 
rest of the world can also read these files.

I think this is not a good policy. On a system with several users, maybe I do
not want other users to read my files i.e. documents, mails, letters whatever.

So IMHO it should be preconfigured that all files get rw-r-----. Doing so, a
user can be allowed to be entered into the group of the user in case he might 
be allowed to read the files from the other user.

If I am wrong in my thoughts and if I have not understood something correctly,
I will be happy if you will enlighten me.

Thanks for reading and your hard work!

Best regards

Hans
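
The following shell script is an added example, not part of the original message. It shows the permission bits new files and directories receive under umask 022 and under 027 (an assumed value that yields the rw-r----- asked for above), then lists which files in a constructed home directory others can still read. All function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original message): effect of the login umask
# on the permission bits of newly created files and directories.

# mode_of PATH: print PATH's octal permission bits, e.g. 644.
mode_of() {
    # GNU stat takes -c, BSD/macOS stat takes -f.
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# new_modes UMASK: create one file and one directory under UMASK and print
# "<file-mode> <dir-mode>". Runs in a subshell so the caller's umask is kept.
new_modes() (
    scratch=$(mktemp -d) || exit 1
    umask "$1"
    : > "$scratch/file"      # files are requested with 0666, minus the umask bits
    mkdir "$scratch/dir"     # directories are requested with 0777, minus the umask bits
    printf '%s %s\n' "$(mode_of "$scratch/file")" "$(mode_of "$scratch/dir")"
    rm -rf "$scratch"
)

# world_readable DIR: list regular files under DIR whose "other" read bit is set.
world_readable() {
    find "$1" -type f -perm -004 | sort
}

# audit_demo: build a constructed home directory with one file written under
# each umask and print the names of the files that others could read.
audit_demo() (
    home=$(mktemp -d) || exit 1
    cd "$home" || exit 1
    ( umask 022; : > letter-022.txt )
    ( umask 027; : > letter-027.txt )   # 027 is an assumed value giving rw-r-----
    world_readable . | sed 's|^\./||'
    cd / && rm -rf "$home"
)

for u in 022 027 077; do
    printf 'umask %s -> file/dir modes: %s\n' "$u" "$(new_modes "$u")"
done
printf 'world-readable in demo home: %s\n' "$(audit_demo)"
```

The check looks at mode bits only; whether another user can actually reach a file also depends on the permissions of every directory above it.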

