Home Explore Help
Sign In
mirrors
/
borg
mirror of https://github.com/borgbackup/borg
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

limit create file permissions

Be safe by default, create files so that other users can't read them,
at least until the original permissions are set.
David Fries 10 years ago
parent
678fdd1d42
commit
f22b62c1a4
2 changed files with 3 additions and 0 deletions
Unified View Show Diff Stats
  1. 1 0
      CHANGES
  2. 2 0
      attic/archiver.py

+ 1 - 0
CHANGES
View File 

@@ -13,6 +13,7 @@ Version 0.14
 
 - Add MacPorts' path to the default openssl search path (#101)
 
 - Add MacPorts' path to the default openssl search path (#101)
 
 - HashIndex improvements, eliminates unnecessary IO on low memory systems.
 
 - HashIndex improvements, eliminates unnecessary IO on low memory systems.
 
 - Fix "Number of files" output for attic info. (#124)
 
 - Fix "Number of files" output for attic info. (#124)
 
+- limit create file permissions so files aren't read while restoring
 
 
 
 Version 0.13
 
 Version 0.13
 
 ------------
 
 ------------

+ 2 - 0
attic/archiver.py
View File 

@@ -186,6 +186,8 @@ Type "Yes I am sure" if you understand this and want to continue.\n""")
 
 
 
     def do_extract(self, args):
 
     def do_extract(self, args):
 
         """Extract archive contents"""
 
         """Extract archive contents"""
 
+        # be restrictive when restoring files, restore permissions later
 
+        os.umask(0o077)
 
         repository = self.open_repository(args.archive)
 
         repository = self.open_repository(args.archive)
 
         manifest, key = Manifest.load(repository)
 
         manifest, key = Manifest.load(repository)
 
         archive = Archive(repository, key, manifest, args.archive.archive,
 
         archive = Archive(repository, key, manifest, args.archive.archive,