Regardless of which file level permissions one creates the user home directory root folder, the actual user folders themselves are always created with rwx r-x r-x, the idea being that privileges and dynamic shares are used to control access for users to their respective homes. This also allows for a "administrator" group that, for example, can access everyone's home.
However, from what I can tell this also means that any user can simply ssh into the box and have read access to everyone's home too. Is that correct? Why isn't this of any concern?
I should note that this is also the behaviour on Synology (from where I am migrating), so it looks like standard operating practice. I just don't understand how it's acceptable - is the expectation to disable ssh for all users except root (I just checked and this seems to be the case)?
A possibly related question: is there any reasonable situation when one would create a shared folder without the default 2775 permissions?