I've merged into a feature branch (hardened/current/sensitive) a merge request from Loic that hardens file and directory permissions for a handful of files/directories.
I plan to let the feature branch soak for around two months, giving the HardenedBSD community time to test the changes prior to them landing. Of course, should issues arise, we'll take care of them.
I've enabled binary updates for that feature branch and I've configured the auto-sync application to sync the branch along with all the other branches every six hours.
The feature branch will share the same package repo as hardened/current/master (aka, HardenedBSD 14-CURRENT). If you track 14-CURRENT, please help test the hardened/current/sensitive branch.
Attached to this email are the two hbsd-update config files: one for normal hbsd-update users, and another for Tor users.