One possible correction: login.conf might be a better place than what I
suggested earlier. Either way, would require thinking through it by
someone more knowledgeable.
On 2021-05-01 09:37:51-0600, Luke A. Call wrote:
> I have been wondering for a long time (and did some searches) if it
> would make sense for obsd to have a default umask of 0077, in the
> /etc/profile or /etc/skel files on new installs, or what I'm missing.
>
> I imagine it helping a new user who hasn't learned yet about umask, to
> not create files readable by all other users, until ready for
> that, thus being even more secure by default. Maybe the default
> permissions on new home directories already covers that issue? Yet
> there are possible files in the /tmp folder; I don't know in all cases
> which is why I set my own system with 0077.
>
> I've been running that way and the only problem I've noticed (so far) is
> in some uses of pkg_add I had to set the umask back to 0022 first and
> reset it after, for some things to work, which I did in a wrapper script.
>
> Most likely it's just about my ignorance. Thanks.
>
> ps: thanks for 6.9 etc!
