From e1c998cc328979b154cee78d4a8ebb93ce06b7b3 Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Wed, 3 Aug 2022 12:19:37 +0300
Subject: [PATCH] Use os.CreateTemp with os.Chmod afterwards

---
 main.go |  4 ++++
 tmp.go  | 14 ++++++++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/main.go b/main.go
index bfebadf..8791af0 100644
--- a/main.go
+++ b/main.go
@@ -62,6 +62,7 @@ var (
 	Cwd       string
 	BuildUUID string
 	IsTopRedo bool // is it the top redo instance
+	UmaskCur  int
 )
 
 func mustSetenv(key string) {
@@ -134,6 +135,9 @@ func main() {
 	}
 	log.SetFlags(log.Lshortfile)
 
+	UmaskCur = syscall.Umask(0)
+	syscall.Umask(UmaskCur)
+
 	var err error
 	Cwd, err = os.Getwd()
 	if err != nil {
diff --git a/tmp.go b/tmp.go
index 1d8a3f2..45bf32d 100644
--- a/tmp.go
+++ b/tmp.go
@@ -21,7 +21,6 @@ package main
 
 import (
 	"os"
-	"path"
 	"strconv"
 	"time"
 )
@@ -31,7 +30,14 @@ func tempsuffix() string {
 }
 
 func tempfile(dir, prefix string) (*os.File, error) {
-	// It respects umask, unlike ioutil.TempFile
-	name := path.Join(dir, TmpPrefix+prefix+"."+tempsuffix())
-	return os.OpenFile(name, os.O_RDWR|os.O_CREATE|os.O_EXCL, os.FileMode(0666))
+	tmp, err := os.CreateTemp(dir, prefix)
+	if err != nil {
+		return nil, err
+	}
+	err = os.Chmod(tmp.Name(), os.FileMode(0666&^UmaskCur))
+	if err != nil {
+		tmp.Close()
+		return nil, err
+	}
+	return tmp, nil
 }
-- 
2.44.0