>> I think documentation is the wrong answer. The security defects are not caused
>> by programs using mode 0666 - which they should do by default - but by the
>> user having set their umask incorrectly. Ruby should not attempt to prevent this
>> user error. There are situations where it's legal to create a file, but because of
>> setuid mode on the directory, it's not possible for the program to chmod the new
>> file. This problem can only be avoided by using the correct mode at creation.
>
> Is there a situation that we needs world writable bit set by umask
> configuration?
>
> I'm considering to change 0600 to 0664.

Hmmm...

If I understand correctly, default umask don't allow world writable
permission. Thus, if 0664 and 0666 make a different only when users
changed umask intentionally. So, I don't think it's good idea to
ignore it.

So, I like 0666 at most, and 0600 at next. but don't like 0664 so much.