Ludovic Courtès writes: > Hi Alex, > > Alex Griffin skribis: > >> After a default install of GuixSD, anybody can read root's home >> directory. I think /root should have permissions 700 instead of 755. > > Fixed in 41db5a756369f5b14d1e67a523ee0940cad56744. > > For the other user accounts, useradd(8) does its thing, and apparently > it defaults to world-readable accounts (it defaults to a umask of 022 as > written in the man page). > > Thoughts? I'm in favor of overriding that default. I usually chmod /home/* to 0700 anyway. 0750 would be okay too and probably covers more use cases.