From 5256b006312e4d06e11b49a8b128e9e550e54f31 Mon Sep 17 00:00:00 2001 From: Matthieu Moy Date: Mon, 22 Feb 2010 23:32:16 +0100 Subject: Use git_mkstemp_mode instead of plain mkstemp to create object files We used to unnecessarily give the read permission to group and others, regardless of the umask, which isn't serious because the objects are still protected by their containing directory, but isn't necessary either. Signed-off-by: Matthieu Moy Signed-off-by: Junio C Hamano --- sha1_file.c | 6 +++--- t/t1304-default-acl.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/sha1_file.c b/sha1_file.c index 657825e14e..3316f282c6 100644 --- a/sha1_file.c +++ b/sha1_file.c @@ -2206,7 +2206,7 @@ int move_temp_to_file(const char *tmpfile, const char *filename) } out: - if (set_shared_perm(filename, (S_IFREG|0444))) + if (adjust_shared_perm(filename)) return error("unable to set permission to '%s'", filename); return 0; } @@ -2262,7 +2262,7 @@ static int create_tmpfile(char *buffer, size_t bufsiz, const char *filename) } memcpy(buffer, filename, dirlen); strcpy(buffer + dirlen, "tmp_obj_XXXXXX"); - fd = mkstemp(buffer); + fd = git_mkstemp_mode(buffer, 0444); if (fd < 0 && dirlen && errno == ENOENT) { /* Make sure the directory exists */ memcpy(buffer, filename, dirlen); @@ -2272,7 +2272,7 @@ static int create_tmpfile(char *buffer, size_t bufsiz, const char *filename) /* Try again */ strcpy(buffer + dirlen - 1, "/tmp_obj_XXXXXX"); - fd = mkstemp(buffer); + fd = git_mkstemp_mode(buffer, 0444); } return fd; } diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh index 8472dbb44a..cc30be4a65 100755 --- a/t/t1304-default-acl.sh +++ b/t/t1304-default-acl.sh @@ -54,7 +54,7 @@ test_expect_success 'Setup test repo' ' git commit -m "init" ' -test_expect_failure 'Objects creation does not break ACLs with restrictive umask' ' +test_expect_success 'Objects creation does not break ACLs with restrictive umask' ' # SHA1 for empty blob check_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391 ' -- cgit v1.2.1