/etc/login.defs is for shell users
That makes sense. Thanks for your explanation.
You can override the default umask by configuring /etc/apache2/envvars. If you prfer, it also works to override the umask in /etc/init.d/apache2 which will be inherited to Apache.
Then my suggestion is to change the default setting for Apache to something like UMask=0027 (systemd) in the future. Alternatively this has to be done in every single package that is affected by the default umask of 022.
Right now I don't see any reason why it is not sufficient that files created by www-data are readable by others then www-data per default.
-- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
