The umask 022 settings will by default create files and folders that are read to all users on the system. I don't see any reason why this would even be default on non-hardened systems (well except for maybe apache, which with the correct mpm can be forked to the user), but especially on hardened systems this seems like a security issue to me. If there is no obvious reason to not set the umask to 077 by default, I hope this will at least change in hardened... Reproducible: Always
*** This bug has been marked as a duplicate of bug 69783 ***