I’m honestly baffled by the unresponsiveness by Anaconda to this issue but maybe if I post it here enough eyes will see it and be concerned to get it fixed.
After months of unresponsiveness regarding world-writable permissions configured by the installation of Anaconda and Miniconda in linux I created a CVE for the issue. The CVE in the NVD is here:
https://nvd.nist.gov/vuln/detail/CVE-2023-35845
And technical details under my personal blog since all of the work was done for any testing: