As a data point, apport creates /var/crash as world-writable in postinst:

  if [ "$1" = configure ]; then
      # directory is required for package failures even if apport is disabled
      mkdir -p -m 1777 /var/crash
  fi

And it chmods it in the init script:

  chmod 1777 /var/crash

OTOH, this directory is only accessible to trusted users on stock FreeBSD:

  drwxr-x---  2 root  wheel  2 Jul  2  2018 /var/crash/

So I imagine there's software out there that assumes this directory has safe permissions.

What a mess...

--
Jakub Wilk
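
A check that software writing to /var/crash could run before relying on the directory's permissions, as an added example that is not part of the original message. The function name `classify_dir` and its verdict strings are made up here, and the expected owner defaults to root as an assumption.

```shell
#!/bin/sh
# Added example: classify a crash directory before trusting it.
# classify_dir and the verdict strings are hypothetical names.
# Usage: classify_dir DIR [OWNER]   (OWNER defaults to root)
classify_dir() {
    dir=$1
    owner=${2:-root}

    # Keep find from parsing a relative name as an option.
    case $dir in /*) ;; *) dir=./$dir ;; esac

    # A symlink in place of the directory redirects every write.
    if [ -L "$dir" ]; then echo symlink; return 1; fi
    if [ ! -d "$dir" ]; then echo missing; return 1; fi

    # -prune makes find test only the directory itself, and
    # -perm -MODE means "all of these bits are set". Both are POSIX,
    # so this works with GNU find and BSD find alike.
    has() { [ -n "$(find "$dir" -prune "$@" 2>/dev/null)" ]; }

    if ! has -user "$owner"; then echo wrong-owner; return 1; fi
    if has -perm -0002; then
        # World-writable: any local user can create entries here.
        # With the sticky bit (1777, as apport sets it) they cannot
        # remove or rename entries owned by someone else.
        if has -perm -1000; then
            echo shared-sticky
        else
            echo shared-unsafe
        fi
        return 1
    fi
    if has -perm -0020; then echo group-writable; return 1; fi

    # Nothing beyond the owner can write (e.g. 0750 root:wheel).
    echo restricted
}

# Report on the real directory; only "restricted" returns success.
classify_dir /var/crash || true
```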
