Default umask too open
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-meta (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
The current default umask is 0022, which gives files 0644 (rw-r--r--) and
directories 0755 (rwxr-xr-x). This behavior leaves all files created by all
users readable by any user on the system. In practice, these files could
contain passwords, e-mail, Web browser cookies with credit card numbers, or
other sensitive information.
Please consider changing the default umask to 0077. This may cause some issues
with sharing files between users; various GUI tools could help with these
situations. For example, "Properties" dialogs should allow a user to
recursively change permissions on one or more files and directories. It's not
without its pitfalls; but in production, it may be important to not share all
information by default.
This is similar to bug #23595
Same answers as in bug #23595