Closed weseven closed 6 months ago
No - distros like debian may get caught off guard. There's nothing wrong with downstreams patching their values in their deltas. We do not lightly make changes which change defaults.
Understood, thanks for taking a look. Is there a possibility this change will be applied here in the future, and in the meantime give maintainers a notice that this will happen after some releases?
I still think it's a better default value than leaving it unset, and its impact is limited to useradd and newusers. I understand your concern in possibly changing historic behavior and respecting downstream maintainers, but it's also a downstream maintainer responsibility to read upstream changes and adapt the defaults to the distro expected use case.
Since the introduction of https://github.com/shadow-maint/shadow/pull/209, many distros started to set HOME_MODE by default:
I propose to set it to 0700 or at least 0750 by default, since it is a security best practice and it's something often tested by security benchmarks (e.g., CIS Benchmarks).