Matthieu Moy <Matthieu.Moy@xxxxxxxxxxxxxxx> writes: > I investigated a bit, and the problem seems to come from mkstemp, > which is used by write_pack_file to create the temporary file: files > created by mkstemp get an ACL umask of ---. > > Is it really a good idea to use mkstemp? We're inside > .git/object/pack, for which the user is supposed to have already set > correct permissions, so shouldn't we just create a random file name > and then use a plain open(...) to create the file, leaving the umask > do its job to control the permissions? Digging a bit further, I noticed that _object_ creation was doing a set_shared_perm(filename, (S_IFREG|0444)) thus ignoring the umask, and setting r--r--r-- for all objects, while _pack_ creation does roughly (in write_pack_file()) : mode_t mode = umask(0); mode = 0444 & ~mode; adjust_perm(pack_tmp_name, mode) Thus setting the permissions to r--X--X-- where X is defined by the umask. Is there any reason for this difference? I'd say we can rely on the containing directory's permissions, and do for pack what Git already does for objects. [ On a side note, I don't understand what the S_IFREG is doing in the call to set_shared_perm. It's passed to chmod, while S_IFREG is only documented in the manpage for stat() ... ] Thanks, -- Matthieu Moy http://www-verimag.imag.fr/~moy/ -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html