So I'm getting the strong idea that is a combination of the UMASK not being set in that file or HOME_MODE not being defined that caused another user being able to the enter the homedir of another user. Which then allowed that user to read the files of that user because they were world readable. The part about why graphical applications don't use the default umask set by a user is another story but which I got working with several different displaymanagers in my Debian vm.
I gather this is a correct summary :
1. The current situation for users
The defaults in all the distros, for which the people following this thread are familiar, leave users with world readable files, and for programs launched from the GUI the users have no choice about this.
As most users use the GUI, and the distro defaults are by far the most common - we can expect that if we walk up to just about any Linux machine on the planet, if we have a user account on that machine, even if it is not privileged, we can read all the other user's files.
2. In contrast, users can control programs launched from a shell.
There are two workarounds for users who are willing to discipline themselves to use the command line.
For one, as Tom pointed out above, the user still owns his or her files, and may manually change their permissions. Those files will be world readable until they are changed.
The second is to set an appropriate umask in ~/.profile, log in again, **and then only launch programs from a shell command line**. If a user accidentally launches a program from the launcher, then the files created by it will be world readable, perhaps sitting right alongside others written by programs launched from the shell that are not.
3. An Administrator may force the desktop launcher to use a different umask.
An administrator can change the umask used by the desktop launcher to something else. (This was never in doubt, and was not the question.) Again, for this new umask the user will still have to live whatever the system sets, as all programs run from the desktop launcher will use it.
For administrators who want to force a different umask to be used by the desktop launcher, add the line "session optional pam_umask.so" to the file /etc/pam.d/common-session. Then change UMASK in /etc/login.defs to 0007, or something similar to so that files will not be world readable.
4. Another related topic has now been raised, that of home directory creation permissions, as explained above in this thread, an administrator may modify /etc/login.defs such that new home directories have permissions other than the default of 022.
If the admin takes away execute, than other users will not be able to cd to the directory, and if the admin takes away read, others will not be able to read the directory. But be careful to note! : new files do *not* inherit the permissions from the directory they are in. New files take their permissions from the umask - and the user has no control over the umask used by the desktop launcher. Note earlier points.
Also, because a user owns his or her home directory, he or she may changed the permissions on it after it is created.
This has a nuanced effect. Without other changes, files in the home directory will continue to be made world readable. It is just that other users will have difficulty getting to them. In the past it was still possible to find other user files through inodes found in the directory files. I do not know if today there are any guarantees that readable files in unreadable directories will be unreadable as a consequence of the other user not having a path through the directory tree for getting to them.
Again, this is tangential to the original question (how can a user set the umask for processes launched from the GUI - or rather if there is a distro that allows this). It might be a work around, though it begs questions. It certainly doesn't feel good to be making world readable files, and then despite the explicit permissions saying they are world readable, we say they are actually unreadable because these files can not be gotten to due to permissions on a directory in the path while trying to get to them.
-------
in brief:
1. users have no choice, files made by programs launched by the desktop launcher will be world readable (just try it ... jeeze).
2. and perhaps as evidenced by this thread, there is a lot of confusion among Linux admins as to how unix permissions work. And perhaps they may be forgiven, as the Linux setup is complex and nuanced.
3. despite all said in this thread, for all distros mentioned in this thread, #1 in this list remains a fact.