Q: Package login security problem?
Dear security-team,
I am wondering, why the paramter for umask is set to 022 in /etc/login.defs by
default.
This means, all new files in the /home of a user gets rw-r--r--.
IMO this means, the user can read and write, his own group can read and the
rest of the world can also read these files.
I think, this is not a good policy. On a system with several users, maybe I do
not want other users read my files i.e. documents, mails, letters whatever.
So IMHO it should be preconfigured, that all files get rw-r-----. Doing so, a
user can be allowed to be entered into the group of the user in case he might
be allowed to read the files from the other user.
If I am wrong in my thoughts and if I have something not correctly understood,
I will be happy if you will enlighten me.
Thanks for reading and your hard work!
Best regards
Hans
Reply to: