From 85a9254d3a21a8ec0468a0c8f1985649866fde75 Mon Sep 17 00:00:00 2001 From: Brad Barden Date: Wed, 18 Nov 2015 20:49:07 -0600 Subject: [PATCH] tar: extract creation mode mode for newly-created files should be restrictive. chmod is always called soon after to set correct mode from the archive. --- tar.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tar.c b/tar.c index 1943e18..de58247 100644 --- a/tar.c +++ b/tar.c @@ -270,7 +270,7 @@ unarchive(char *fname, ssize_t l, char b[BLKSIZ]) case RESERVED: if ((mode = strtol(h->mode, &p, 8)) < 0 || *p != '\0') eprintf("strtol %s: invalid number\n", h->mode); - fd = open(fname, O_WRONLY | O_TRUNC | O_CREAT, 0644); + fd = open(fname, O_WRONLY | O_TRUNC | O_CREAT, 0600); if (fd < 0) eprintf("open %s:", fname); if (fchmod(fd, mode) < 0)