We just had a posting on the kernel security list where a person was upset that the 2.6.19.1 and .2 tar-files were apparently group and world-writable. Now, the default kernel releases don't do that (at least any more), because I've got [tar] umask=022 in my git config file these days, but the stable team apparently doesn't. Looking at some of the tar-files I have lying around, they all seem to have used that 022 umask, and maybe we should just change the git default to that? Anybody who wants to, can get the zero umask by just using the config file, but maybe the default should be the common case, and the case that isn't as likely to be a security issue if you untar it. GNU tar has a "--no-same-permissions" flag to use the user umask at untar time, but I think that's a GNU-tar specific feature (at least I can't see any short flag to do the same), and I have to admit that I've _never_ used it even though I've used "tar" a long time, so at least going by my personal experience, I'd say it's very uncommon for people to use it. The trivial untested patch below should do it. Linus --- diff --git a/archive-tar.c b/archive-tar.c index af47fdc..d4a2fa4 100644 --- a/archive-tar.c +++ b/archive-tar.c @@ -15,7 +15,7 @@ static char block[BLOCKSIZE]; static unsigned long offset; static time_t archive_time; -static int tar_umask; +static int tar_umask = 022; static int verbose; /* writes out the whole block, but only if it is full */ - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html