Thank you for using ufw and taking the time to report a bug.
This would also affect /etc/ufw, btw. Though I disagree that this is a security vulnerability (it is easy enough to figure out the general firewall policy is if you have login access to the machine). The files are world-readable for administrative purposes. That said, I do think it would be a security enhancement to make the directories 750, and plan to do that. This will give hints to distributions to chgrp the directories to an administrative group.
Thank you for using ufw and taking the time to report a bug.
This would also affect /etc/ufw, btw. Though I disagree that this is a security vulnerability (it is easy enough to figure out the general firewall policy is if you have login access to the machine). The files are world-readable for administrative purposes. That said, I do think it would be a security enhancement to make the directories 750, and plan to do that. This will give hints to distributions to chgrp the directories to an administrative group.