On Thu, Jun 29, 2017 at 7:43 PM, <gwmf...@openmailbox.org> wrote: > The wider community doesn't seem that concerned with the fact that all > Debian and Ubuntu users are now (with the most recent stable releases) > completely unable to change their default umask (and further have a default > setting that gives the world read access to all their documents). I think > this needs to be viewed as a security issue. > > Even with the premise that the average Linux user is more computer competent > than the average Windows or Mac user, I still don't think it's a fair > assumption that all linux users know all about umask and permissions. Due to > this, many users may unwittingly create "guest" accounts or friend accounts > on their computers unknowingly giving read access to all documents they've > created. This is not an uncommon practice in university contexts especially. > Same goes if there's any sort of remote access going on through SSH etc. > > This issue strikes me as something that should be of higher concern to the > community. > > Someone mentioned changing the permissions on one's home folder. That just > adds insult to injury that by default everyone's home folder let's the world > have read access along with all files being created with read access. It's > poor privacy and security policy. The average computer-user assumes that > other account holders can't read their "stuff" unless they do something to > allow that person to read their stuff. But this is completely untrue on > Debian Stretch and Ubuntu 17.04. >
Are you saying that default permissions for home dirs in Debian is 755? -- darkestkhan ------------------------------------------ Feel free to CC me. jid: darkestk...@gmail.com May The Source be with You.