From f49c9d7cd1d33586fbd106057a894b3effc04331 Mon Sep 17 00:00:00 2001 From: Andrew Price Date: Sat, 31 Aug 2024 18:35:15 +0100 Subject: [PATCH] unix: Don't create world-writable files when safe save is enabled When the "filesystem/on_save/safe_save_on_backup_then_rename" option is enabled files are created with 0666 permissions (-rw-rw-rw-) which is too loose. Use 0644 (-rw-r--r--) instead which is how the files would normally be created with the setting disabled and the system umask taken into account. --- drivers/unix/file_access_unix.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/unix/file_access_unix.cpp b/drivers/unix/file_access_unix.cpp index 32f2d7dd79a..5c6c04e0beb 100644 --- a/drivers/unix/file_access_unix.cpp +++ b/drivers/unix/file_access_unix.cpp @@ -97,7 +97,7 @@ Error FileAccessUnix::open_internal(const String &p_path, int p_mode_flags) { last_error = ERR_FILE_CANT_OPEN; return last_error; } - fchmod(fd, 0666); + fchmod(fd, 0644); path = String::utf8(cs.ptr()); f = fdopen(fd, mode_string);