On 17/07/2024 15:37, Tim Woodall wrote:
umask 077 can come with its own problems when using shared directories.
<https://wiki.debian.org/UserPrivateGroups>
Taking into account old 022 vs. 002 discussions it might be 007.
I'm not a sudo user but IIUC, root inherits the umask, which can then
cause problems when things can't read config files that should be world
readable.
Do you mean the following bug or something else?
<https://bugs.debian.org/711104>
login: su - doesn't set umask
Fixed in version pam/1.5.3-1
Tue, 16 Jan 2024 00:19:23 +0000
Rather than change umask, I'd suggest that the better change is to make
home directories 0700 by default.
The topic starter believes it is not enough
<https://lists.debian.org/msgid-search/860527137.0ifERbkFSE@protheus2>
Mon, 15 Jul 2024 09:04:54 +0200
However I would not mind to read more details what use cases are not
covered. /tmp?
