Mh, I just deleted some text I wrote to 1) and 2), because most if it
was already said. It boils down to "personal/administrational preference
and/or policy", "the current defaults are just fine and logical" and
"trivial to change".
Dave Feustel wrote:
Also modify adduser so that the home directory
permissions of new users are set to drwx------
instead of drwxr-xr-x
chmod 700 /etc/skel
No real need for changing any scripts, and besides, home directories
with a default mode of 700 would *really* annoy me.
"Grab foo.txt fom my home direc... oh, wait, sorry - I have to log in
and throw it in /tmp or something."
This kind of paranoia adds nothing to security (~/.ssh and others that
need it are already set to restrictive permissions), and there is no
privacy from root no matter what. The rest is, again, personal
preference and/or something about local policies.
Moritz
