From 2608eb4e1c5de6cfd30050a55df4ada31465e670 Mon Sep 17 00:00:00 2001
From: Stephen Seo <seo.disparate@gmail.com>
Date: Wed, 26 Feb 2025 18:42:45 +0900
Subject: [PATCH] Set umask on compression-temp-file

Previous behavior created temp files (for compression) with default
permissions. This commit uses umask to keep only permissions for the
user and deny permissions to others (and restores the umask after
creation of the temp file).
---
 src/helpers.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/helpers.c b/src/helpers.c
index 9ec87c2..e4b5921 100644
--- a/src/helpers.c
+++ b/src/helpers.c
@@ -905,7 +905,9 @@ FILE *simple_archiver_helper_temp_dir(const SDArchiverParsed *parsed,
     }
   } while (1);
 
+  mode_t prev_umask = umask(S_IRWXG | S_IRWXO);
   FILE *temp_file = fopen(temp_filename, "w+b");
+  umask(prev_umask);
 
   if (temp_file) {
     if (out_temp_filename) {
-- 
2.49.0