With an improper umask users will create files with undesired permissions,
giving file access to anybody.  A decent umask is <tt>022</tt>, which
provides write access to the file owner, but only read access to group or
other.<p>This should be setup in the default shell startup files (such
as <tt>/etc/profile</tt> and <tt>/etc/csh.cshrc</tt>), and the default
shell skeleton files assigned to each user accounts are created.