Boruch Baum <boruch_baum@???> writes:
[...]
> 2.2] umask. This was a shocker, security-wise. The default umask is set
> to 022 instead of the better 027 or, my preference, 077. My memory is
> that on other systems on which I've seen the command seemingly
> hard-coded for 022, the fix to 027 or 077 was placed in this file.
Ultimatively, the lineage of everything-UNIX(*) is that of a research
and development system used by a group of people who weren't fighting
each other. Hence, the default policy of every file being world-readable
unless this is specifically prevented. Other people have had even more
'radical' ideas about this in the past.
In the old days on ITS it was considered desirable that everyone
could look at any file, change any file, because we had reasons
to. I remember one interesting scandal where somebody sent a
request for help in using Macsyma. Macsyma is a symbolic algebra
program that was developed at MIT. He sent to one of the people
working on it a request for some help, and he got an answer a
few hours later from somebody else. He was horrified, he sent a
message “so-and-so must be reading your mail, can it be that
mail files aren't properly protected on your system?” “Of
course, no file is protected on our system. What's the problem?
You got your answer sooner; why are you unhappy? Of course we
read each other's mail so we can find people like you and help
them”. Some people just don't know when they're well off.
http://www.gnu.org/philosophy/stallman-kth.en.html