From 0255c717c8e2b5379a10cce5289e088278521baa Mon Sep 17 00:00:00 2001
From: aoezyetimoglu <ali.oezyetimoglu@iqser.com>
Date: Wed, 29 Sep 2021 17:28:43 +0200
Subject: [PATCH] RED-2315: made sure publicly writable directories are used
 safely

---
 .../v1/server/utils/FileSystemBackedArchiver.java          | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/utils/FileSystemBackedArchiver.java b/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/utils/FileSystemBackedArchiver.java
index dc695ec0e..2d75360cc 100644
--- a/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/utils/FileSystemBackedArchiver.java
+++ b/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/utils/FileSystemBackedArchiver.java
@@ -6,6 +6,10 @@ import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 
 import java.io.*;
+import java.nio.file.Files;
+import java.nio.file.attribute.FileAttribute;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
@@ -22,7 +26,8 @@ public class FileSystemBackedArchiver implements AutoCloseable {
 
     @SneakyThrows
     public FileSystemBackedArchiver() {
-        tempFile = File.createTempFile("archive", ".zip");
+        FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------"));
+        tempFile = Files.createTempFile("archive", ".zip", attr).toFile();
         zipOutputStream = new ZipOutputStream(new FileOutputStream(tempFile));
     }