On Sat, 2024-02-10 at 17:57 +0100, Daniel Simionato wrote: > Hello, > I'd like to start a discussion regarding setting HOME_MODE by default in > the /etc/login.defs file (owned by sys-apps/shadow package). > > Upstream keeps HOME_MODE commented: > https://github.com/shadow-maint/shadow/blob/3e59e9613ec40c51c19c7bb5c28468e33a4529d5/etc/login.defs#L207 > > HOME_MODE affects only useradd and newuser commands: if HOME_MODE is set, > they will use the specified permission when creating a user home directory, > otherwise the default UMASK will be used. > Since the default umask is 022, keeping HOME_MODE unset will result in home > readable home direct
umask 022 is also egregious, changing it to 027 would kill two birds. But in lieu of that, yes.