DevComp/zip-rs-wasm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix: Remove a window when an extracted directory might be unexpectedly listable and/or cdable by non-owners

Browse source
This commit is contained in:
Chris Hennick 2024-05-10 16:25:31 -07:00
parent c0691ec1e5
commit 137672cb29
No known key found for this signature in database
GPG key ID: DA47AABA4961C509
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/read.rs
View file

@ -711,7 +711,7 @@ impl<R: Read + Seek> ZipArchive<R> {
{ {
// Dirs must be writable until all normal files are extracted // Dirs must be writable until all normal files are extracted
use std::os::unix::fs::PermissionsExt; use std::os::unix::fs::PermissionsExt;
std::fs::set_permissions(outpath.as_ref(), std::fs::Permissions::from_mode(0o755))?; std::fs::set_permissions(outpath.as_ref(), std::fs::Permissions::from_mode(0o700))?;
} }
Ok(()) Ok(())
} }