Package: shotwell Version: 0.22.1-1 Severity: wishlist Shotwell currently just takes the permissions of original files on import. In many cases, this is 755 or 777, because users may import files from typically VFAT formatted SD cards.
For security, it would be nice to have no executable bits set. For privacy, it would be nice to allow only user and group to read imported files. I suggest 640 as permission of imported files and 750 or maybe 2750 for new directories.