change default umask to 027

as per:

https://forums.whonix.org/t/change-default-umask/7416/47

debian/control

@@ -146,7 +146,7 @@ Description: enhances misc security settings
  .
  access rights restrictions:
  .
-  * The default umask is changed to 006. This allows only the owner and group
+  * The default umask is changed to 027. This allows only the owner and group
  to read and write to newly created files.
  /etc/login.defs.security-misc
  /usr/share/pam-configs/usergroups-security-misc
@@ -157,8 +157,8 @@ Description: enhances misc security settings
  https://wiki.debian.org/UserPrivateGroups
  /usr/share/pam-configs/usergroups-security-misc
  .
-  * Create home directory on login with umask 006 using
- pam_mkhomedir.so umask=006
+  * Create home directory on login with umask 027 using
+ pam_mkhomedir.so umask=027
  /usr/share/pam-configs/mkhomedir-security-misc
  .
   * Removes read, write and execute access for others for all users who have

etc/login.defs.security-misc

@@ -148,7 +148,7 @@ TTYPERM		0600
 #
 ERASECHAR	0177
 KILLCHAR	025
-UMASK		  006
+UMASK		  027
 
 #
 # Password aging controls:

etc/sudoers.d/umask-security-misc

@@ -1,5 +1,5 @@
 ## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
 ## See the file COPYING for copying conditions.
 
-Defaults umask = 006
+Defaults umask = 027
 Defaults umask_override

usr/share/pam-configs/mkhomedir-security-misc

@@ -4,4 +4,4 @@ Priority: 100
 Session-Type: Additional
 Session-Interactive-Only: yes
 Session:
-	optional	pam_mkhomedir.so umask=006
+	optional	pam_mkhomedir.so umask=027

usr/share/pam-configs/usergroups-security-misc

@@ -1,6 +1,6 @@
-Name: change default umask to 006 (by package security-misc)
+Name: change default umask to 027 (by package security-misc)
 Default: yes
 Priority: 256
 Session-Type: Additional
 Session:
-	optional	pam_umask.so	usergroups umask=006
+	optional	pam_umask.so	usergroups umask=027