{"description": "The umask setting controls the default permissions\nfor the creation of new files.\nWith a default <tt>umask</tt> setting of 077, files and directories\ncreated by users will not be readable by any other user on the\nsystem. Users who wish to make specific files group- or\nworld-readable can accomplish this by using the chmod command.\nAdditionally, users can make all their files readable to their\ngroup by default by setting a <tt>umask</tt> of 027 in their shell\nconfiguration files. If default per-user groups exist (that is, if\nevery user has a default group whose name is the same as that\nuser's username and whose only member is the user), then it may\neven be safe for users to select a <tt>umask</tt> of 007, making it very\neasy to intentionally share files with groups of which the user is\na member.\n<br /><br />", "warnings": [], "requires": [], "conflicts": [], "values": ["var_accounts_user_umask"], "groups": {}, "rules": ["accounts_umask_etc_bashrc", "accounts_umask_etc_csh_cshrc", "accounts_umask_etc_login_defs", "accounts_umask_etc_profile", "accounts_umask_interactive_users", "accounts_umask_root"], "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "title": "Ensure that Users Have Sensible Umask Values", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/accounts/accounts-session/user_umask/group.yml"}