[RFE] Set `HOME_MODE` to 0700 in /etc/login.defs to avoid world-readable home directories
Current situation
Currently the definition of HOME_MODE is commented out in /etc/login.defs, and this causes useradd to use the default umask 022 when creating users and their home directories, resulting in world-readable home directories (that get flagged in security assessments).
/etc/login.defs is part of the sys-apps/shadow package, https://packages.gentoo.org/packages/sys-apps/shadow, which does not change the HOME_MODE from the upstream https://github.com/shadow-maint/shadow:
https://github.com/shadow-maint/shadow/blob/3e59e9613ec40c51c19c7bb5c28468e33a4529d5/etc/login.defs#L207
Impact
When creating users through Ignition, this results in world-readable home directories for users, which goes against security best practices.
Ideal future situation
HOME_MODE is set to 0700 (as happens in the majority of other distros) and home directories have stricter access permissions.
Implementation options
PR either to the Gentoo package or the upstream package to have HOME_MODE set to 0700 by default.
Edit: opened PR in Gentoo https://github.com/gentoo/gentoo/pull/35231
Additional information
Thanks to Kai Lüke on the Slack channel for pointing at the right package.
I wonder if that should become part of Butane specs, so it's actually possible to specify it for users created by boot config.
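A check for the condition this issue describes, as an added example that is not part of the issue or of the shadow project: it derives the mode new home directories will get from a login.defs file and flags it when other users get any access. It assumes that useradd, when HOME_MODE is unset, falls back to 0777 masked by the UMASK value in login.defs (022 if that is also unset); the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit login.defs for the home directory mode useradd will apply.

# login_defs_value FILE KEY: print the last uncommented value of KEY, or nothing.
login_defs_value() {
    awk -v key="$2" '$1 == key { val = $2 } END { if (val != "") print val }' "$1"
}

# effective_home_mode FILE: print the resulting mode as 4-digit octal.
# Assumption: an unset HOME_MODE means 0777 & ~UMASK, with UMASK defaulting to 022.
effective_home_mode() {
    mode=$(login_defs_value "$1" HOME_MODE)
    if [ -z "$mode" ]; then
        umask_val=$(login_defs_value "$1" UMASK)
        [ -n "$umask_val" ] || umask_val=022
        mode=$(printf '%o' "$(( 0777 & ~0$umask_val ))")
    fi
    printf '%04o\n' "$(( 0$mode ))"
}

# home_mode_is_private FILE: succeed only if "other" gets no r/w/x bits.
home_mode_is_private() {
    mode=$(effective_home_mode "$1")
    [ "$(( 0$mode & 0007 ))" -eq 0 ]
}

# Constructed sample mirroring the issue: UMASK 022, HOME_MODE commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
UMASK		022
#HOME_MODE	0700
EOF

if home_mode_is_private "$sample"; then
    echo "OK: new home directories get $(effective_home_mode "$sample")"
else
    echo "FLAG: new home directories get $(effective_home_mode "$sample") (accessible to other users)"
fi
rm -f "$sample"
```

On a real host, pass `/etc/login.defs` to `home_mode_is_private` instead of the sample file; home directories that already exist keep their old mode and need a separate `chmod`.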