Comment 1 for bug 48734

This is done by adduser, actually, not by any installer component. In expert mode I believe you should get a prompt about it.

However, I do maintain that the default is correct. On most multi-user systems, there is some level of cooperation (if not trust) among the users - they'll be members of the same family, or friends, or co-workers, or whatever - and it is useful for them to be able to share files reasonably conveniently (e-mail is an awful solution to this). It's easier to create a private directory for the things you don't want to be public than it is to figure out how to open up your home directory so that just a few things can be read. (I use quite a lot of multi-user Unix systems on a regular basis, both at work and among my family and friends, and it's far more common for me to want things accessible to other users than it is for me to want them to be inaccessible.)

There are certainly systems where this is not appropriate (large multi-user systems where you pay for a shell account), but they are generally run by competent system administrators who know how to lock things down.

For permissions on new files created by touch et al, set 'umask 077' in your shell startup files if you want them to be mode 600 by default.