I prefer to set my umask
to 077
so no one can read my files. For
the most part, using sudo
(which inherits the umask
) works just
fine. Except when using e.g. vim sudo
where it make sense to
respect the umask, I hadn't run into trouble. Until now.
It seems sudo update-alternatives
results in
/var/lib/dpkg/alternatives/*
no longer being readable by anyone but
root, which is not quite what I intended. So I had to figure out how
to make sudo
play nice with umask
without setting a default
umask
in the sudoers
file.
The solution I came up with: umask 022
in ~root/.profile
and using
sudo -i
when I don't want my user's umask
to be used.
- Felix