From 224f95799c36f56c2165fe9284abaceaa84f1d3b Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@riseup.net>
Date: Fri, 16 Aug 2019 11:15:25 -0400
Subject: [PATCH] sudo default umask 006

https://forums.whonix.org/t/change-default-umask/7416/43
---
 debian/control                    | 1 +
 etc/sudoers.d/umask-security-misc | 5 +++++
 2 files changed, 6 insertions(+)
 create mode 100644 etc/sudoers.d/umask-security-misc

diff --git a/debian/control b/debian/control
index 38bad35f..3998b1cf 100644
--- a/debian/control
+++ b/debian/control
@@ -149,6 +149,7 @@ Description: enhances misc security settings
  to read and write to newly created files.
  /etc/login.defs.security-misc
  /usr/share/pam-configs/usergroups-security-misc
+ /etc/sudoers.d/umask-security-misc
  .
   * Enables pam_umask.so usergroups so group permissions are same as user
  permissions. Debian by default uses User Private Groups (UPG).
diff --git a/etc/sudoers.d/umask-security-misc b/etc/sudoers.d/umask-security-misc
new file mode 100644
index 00000000..f06188db
--- /dev/null
+++ b/etc/sudoers.d/umask-security-misc
@@ -0,0 +1,5 @@
+## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
+## See the file COPYING for copying conditions.
+
+Defaults umask = 006
+Defaults umask_override