Comment 8 for bug 481825

I disagree. Security and convenience usually do not go together; a default umask of 022 is a nice middle-term: by default you can see other user's directories and files, but you cannot *change* them.

On my laptop this is a perfectly acceptable umask. On my servers I usually force a default umask of 077 -- meaning that by *default* only the creator/owner has *any* access to files created by him/her.

As *you* want more lockdown, others would rather have less.

BTW, 'umask' is set for the session (terminal, login), not for a particular directory.