From 62b80506406056e331a7619666ff4a69b645037c Mon Sep 17 00:00:00 2001
From: Mitch Capper <mitch.capper@gmail.com>
Date: Sun, 15 Mar 2015 10:19:15 -0700
Subject: [PATCH] Change windows default permissions to 755 not 711, read
 access for all poses little security risk and prevents breaking existing
 Dockerfiles

Signed-off-by: Mitch Capper <mitch.capper@gmail.com>
Upstream-commit: b7dc9040f04fe8dacd2f14c6b93d1b0bb6bde333
Component: engine
---
 components/engine/integration-cli/test_vars_windows.go |  4 ++--
 components/engine/pkg/archive/archive_windows.go       |  5 ++---
 components/engine/pkg/archive/archive_windows_test.go  | 10 +++++-----
 3 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/components/engine/integration-cli/test_vars_windows.go b/components/engine/integration-cli/test_vars_windows.go
index 3cad4bceef..f81ac53cc3 100644
--- a/components/engine/integration-cli/test_vars_windows.go
+++ b/components/engine/integration-cli/test_vars_windows.go
@@ -6,6 +6,6 @@ const (
 	// identifies if test suite is running on a unix platform
 	isUnixCli = false
 
-	// this is the expected file permission set on windows: gh#11047
-	expectedFileChmod = "-rwx------"
+	// this is the expected file permission set on windows: gh#11395
+	expectedFileChmod = "-rwxr-xr-x"
 )
diff --git a/components/engine/pkg/archive/archive_windows.go b/components/engine/pkg/archive/archive_windows.go
index 96a93ee7af..6caef3b735 100644
--- a/components/engine/pkg/archive/archive_windows.go
+++ b/components/engine/pkg/archive/archive_windows.go
@@ -28,10 +28,9 @@ func CanonicalTarNameForPath(p string) (string, error) {
 // chmodTarEntry is used to adjust the file permissions used in tar header based
 // on the platform the archival is done.
 func chmodTarEntry(perm os.FileMode) os.FileMode {
-	// Clear r/w on grp/others: no precise equivalen of group/others on NTFS.
-	perm &= 0711
+	perm &= 0755
 	// Add the x bit: make everything +x from windows
-	perm |= 0100
+	perm |= 0111
 
 	return perm
 }
diff --git a/components/engine/pkg/archive/archive_windows_test.go b/components/engine/pkg/archive/archive_windows_test.go
index 0c97a1040d..b33e0fb005 100644
--- a/components/engine/pkg/archive/archive_windows_test.go
+++ b/components/engine/pkg/archive/archive_windows_test.go
@@ -51,11 +51,11 @@ func TestChmodTarEntry(t *testing.T) {
 	cases := []struct {
 		in, expected os.FileMode
 	}{
-		{0000, 0100},
-		{0777, 0711},
-		{0644, 0700},
-		{0755, 0711},
-		{0444, 0500},
+		{0000, 0111},
+		{0777, 0755},
+		{0644, 0755},
+		{0755, 0755},
+		{0444, 0555},
 	}
 	for _, v := range cases {
 		if out := chmodTarEntry(v.in); out != v.expected {