`ufw` only complains about it when it resets, which barely anyone does.
```
thinkpad in ~
○ → ls -l /etc/ufw
total 48
-rw-r--r-- 1 root root 915 Feb 1 2017 after6.rules
-rw-r--r-- 1 root root 1126 Feb 1 2017 after.init
-rw-r--r-- 1 root root 1004 Feb 1 2017 after.rules
drwxr-xr-x 2 root root 4096 Apr 20 06:17 applications.d
-rw-r--r-- 1 root root 6449 Feb 1 2017 before6.rules
-rw-r--r-- 1 root root 1130 Feb 1 2017 before.init
-rw-r--r-- 1 root root 2667 Feb 1 2017 before.rules
-rw-r--r-- 1 root root 1941 Feb 1 2017 sysctl.conf
-rw-r--r-- 1 root root 312 Feb 1 2017 ufw.conf
-rw-r--r-- 1 root root 107 Feb 1 2017 user6.rules
-rw-r--r-- 1 root root 307 Feb 1 2017 user.rules
thinkpad in ~
○ → sudo ufw reset
Resetting all rules to installed defaults. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/etc/ufw/user.rules.20180420_061904'
Backing up 'after6.rules' to '/etc/ufw/after6.rules.20180420_061904'
Backing up 'user6.rules' to '/etc/ufw/user6.rules.20180420_061904'
Backing up 'before6.rules' to '/etc/ufw/before6.rules.20180420_061904'
Backing up 'after.rules' to '/etc/ufw/after.rules.20180420_061904'
Backing up 'before.rules' to '/etc/ufw/before.rules.20180420_061904'
WARN: '/etc/ufw/user.rules' is world readableWARN: '/etc/ufw/after6.rules' is world readableWARN: '/etc/ufw/user6.rules' is world readableWARN: '/etc/ufw/before6.rules' is world readableWARN: '/etc/ufw/after.rules' is world readableWARN: '/etc/ufw/before.rules' is world readable
```
Well obviously the rules have been made readable [intentionally](https://dev.solus-project.com/source/ufw/browse/master/package.yml$18).
If the firewall it well configured, it should block the traffic, having the rules readable by anyone should be harmless. "Security by obscurity" is not security imo.
Security by obscurity is terrible on its own, but setting strong permissions is netsec 101. I don't see why that change would be made, especially when it makes ufw complain.
>>! In T6243#122829, #DataDrake wrote:
> We can set the permissions as needed for those files.
Actually by default the package sets the permissions to 640 on the rules, I checked a few distro like Arch and Fedora and they change it back to 644 and I guess there is a reason for this : [see here](https://dev.solus-project.com/R3074:4c6949316349befbfbc7ef0e886a1455d2a63118)
It's just a warning, not an error.
`ufw` only complains about it when it resets, which barely anyone does. ``` thinkpad in ~ ○ → ls -l /etc/ufw total 48 -rw-r--r-- 1 root root 915 Feb 1 2017 after6.rules -rw-r--r-- 1 root root 1126 Feb 1 2017 after.init -rw-r--r-- 1 root root 1004 Feb 1 2017 after.rules drwxr-xr-x 2 root root 4096 Apr 20 06:17 applications.d -rw-r--r-- 1 root root 6449 Feb 1 2017 before6.rules -rw-r--r-- 1 root root 1130 Feb 1 2017 before.init -rw-r--r-- 1 root root 2667 Feb 1 2017 before.rules -rw-r--r-- 1 root root 1941 Feb 1 2017 sysctl.conf -rw-r--r-- 1 root root 312 Feb 1 2017 ufw.conf -rw-r--r-- 1 root root 107 Feb 1 2017 user6.rules -rw-r--r-- 1 root root 307 Feb 1 2017 user.rules thinkpad in ~ ○ → sudo ufw reset Resetting all rules to installed defaults. Proceed with operation (y|n)? y Backing up 'user.rules' to '/etc/ufw/user.rules.20180420_061904' Backing up 'after6.rules' to '/etc/ufw/after6.rules.20180420_061904' Backing up 'user6.rules' to '/etc/ufw/user6.rules.20180420_061904' Backing up 'before6.rules' to '/etc/ufw/before6.rules.20180420_061904' Backing up 'after.rules' to '/etc/ufw/after.rules.20180420_061904' Backing up 'before.rules' to '/etc/ufw/before.rules.20180420_061904' WARN: '/etc/ufw/user.rules' is world readableWARN: '/etc/ufw/after6.rules' is world readableWARN: '/etc/ufw/user6.rules' is world readableWARN: '/etc/ufw/before6.rules' is world readableWARN: '/etc/ufw/after.rules' is world readableWARN: '/etc/ufw/before.rules' is world readable ```