On Sun, 2024-02-11 at 10:06 +0000, Sam James wrote:
> Michael Orlitzky writes:
>
> > On Sat, 2024-02-10 at 17:57 +0100, Daniel Simionato wrote:
> > > Hello,
> > > I'd like to start a discussion regarding setting HOME_MODE by default in
> > > the /etc/login.defs file (owned by sys-apps/shadow package).
> > >
> > > Upstream keeps HOME_MODE commented:
> > > https://github.com/shadow-maint/shadow/blob/3e59e9613ec40c51c19c7bb5c28468e33a4529d5/etc/login.defs#L207
> > >
> > > HOME_MODE affects only useradd and newuser commands: if HOME_MODE is set,
> > > they will use the specified permission when creating a user home directory,
> > > otherwise the default UMASK will be used.
> > > Since the default umask is 022, keeping HOME_MODE unset will result in home
> > > readable home direct
> >
> > umask 022 is also egregious, changing it to 027 would kill two birds.
> > But in lieu of that, yes.
>
> mgorny wrote in favour of this 13 years ago too:
> https://blogs.gentoo.org/mgorny/2011/10/18/027-umask-a-compromise-between-security-and-simplicity/.
>
> It would be a bigger change and require us to do a lot of daily-driver
> testing first though.

...and I've stopped using that a long time ago too because I kept
messing permissions up. These days I just explicitly switch umask if I
need something to be secure.

-- 
Best regards,
Michał Górny
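
The rule quoted in the thread (HOME_MODE if set, otherwise the mode left by UMASK) can be checked against a login.defs file with a short script. This is an added example, not part of the original thread or of sys-apps/shadow; the function names are hypothetical, the sample file is constructed, and it assumes the last uncommented occurrence of a key is the one that applies.

```shell
#!/bin/sh
# Added example: work out the mode a new home directory would get from
# login.defs-style settings, per the rule described in the thread.

# login_defs_get KEY FILE -> print the value of the last uncommented KEY line
# (assumption: the last occurrence wins; "#KEY value" lines are ignored)
login_defs_get() {
    awk -v key="$1" '$1 == key && NF >= 2 { val = $2 }
                     END { if (val != "") print val }' "$2"
}

# new_home_mode FILE -> print the octal mode (e.g. 755) for new home directories
new_home_mode() {
    home_mode=$(login_defs_get HOME_MODE "$1")
    if [ -n "$home_mode" ]; then
        # HOME_MODE set: used as-is (leading 0 forces octal parsing)
        printf '%o\n' "$(( 0$home_mode ))"
    else
        # HOME_MODE unset: mode is 0777 with the UMASK bits cleared
        umask_val=$(login_defs_get UMASK "$1")
        : "${umask_val:=022}"    # default umask named in the thread
        printf '%o\n' "$(( 0777 & ~0$umask_val ))"
    fi
}

# others_can_enter MODE -> succeed if "other" has read or execute permission
others_can_enter() {
    [ "$(( 0$1 & 05 ))" -ne 0 ]
}

# audit_login_defs FILE -> report the mode; return 1 if other users get access
audit_login_defs() {
    mode=$(new_home_mode "$1")
    if others_can_enter "$mode"; then
        echo "$1: new home directories get mode $mode (accessible to other users)"
        return 1
    fi
    echo "$1: new home directories get mode $mode"
}

# Constructed sample: HOME_MODE left commented out, UMASK 022.
sample=$(mktemp)
printf '%s\n' 'UMASK 022' '#HOME_MODE 0700' > "$sample"
audit_login_defs "$sample" || true
rm -f "$sample"
```

Run `audit_login_defs /etc/login.defs` to check a real system; a non-zero return means newly created home directories will be open to other local users.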