Set umask when runnning repository commands

Repository file permissions should only allow write to the owner, read
to the owner's group, and no access for anyone else.

diff --git a/repo_shell.c b/repo_shell.c
index 7d34e576e7e122782ed7eef5229eef23b82f18c2..e4918b30fb06ac458df7ff55b2596c0310437ff6 100644 (file)
--- a/repo_shell.c
+++ b/repo_shell.c
@@ -18,6 +18,8 @@
 #define SHELL "/bin/bash"
 #define GIT_ACL_FILE ".gitacls"
 
+enum { REPO_UMASK = 027 };
+
 typedef struct {
   char *user;
   char *svn_root;
@@ -94,6 +96,7 @@ static int do_git_cmd(const char *cmd, char *arg, char *user)
     die("bad command");
 
   change_user(cfg.owner);
+  umask(REPO_UMASK);
   if (!git_check_access(cmd, arg, user))
     die("insufficient ACL permissions");
 
@@ -116,6 +119,7 @@ static int do_svnserve_cmd(const char *cmd, char *arg, char *user)
   int ret;
 
   change_user(cfg.owner);
+  umask(REPO_UMASK);
   return execvp(svnserve_argv[0], (char *const *) svnserve_argv);
 }