While the default mode of 0666 guarantees maximum compatibility, it can become a security hazard in the case of new, unknown device names. An example are device-mapper entries created by lvm2 in the mapper/ subdir. Those are not handled by the default version of udev.permissions, and so are readable and writable for everyone. While this can be fixed by adding "mapper/*:root:disk:660" to udev.premissions, similar problems might occur in the future. You should really reconsider if a default mode of 0666 is acceptable. Reproducible: Always Steps to Reproduce: 1. create lvm2 volumes 2. use udev Actual Results: nodes are set to root:root:0666 Expected Results: nodes should be set to root:disk:0660
Ok, I've checked this in. If you remerge you will pick up the new config file with the perms changed.