commit d70ba0920b693e6ae2b9b4da6f3fa61ab9e81f8f
Author: Daniel Kobras <d.kobras@science-computing.de>
Date:   Thu Nov 8 11:54:18 2012 +0100

    LU-2302 scripts: prevent lfs_migrate data disclosure
    
    Tighten umask to make sure temporary rsync files are created
    with strict permissions that don't grant access to unprivileged
    users.
    
    Signed-off-by: Daniel Kobras <d.kobras@science-computing.de>
    Change-Id: Ie662edfd615a24ce08cbddb9347f197de41d4d27

diff --git a/lustre/scripts/lfs_migrate b/lustre/scripts/lfs_migrate
index 969386e..f194be2 100755
--- a/lustre/scripts/lfs_migrate
+++ b/lustre/scripts/lfs_migrate
@@ -88,6 +88,12 @@ $RSYNC --help 2>&1 | grep -q acls && RSYNC_OPTS="$RSYNC_OPTS -A"
 # If rsync copies lustre xattrs in the future, then we can skip lfs (bug 22189)
 strings $(which $RSYNC) 2>&1 | grep -q lustre && LFS=:
 
+# rsync creates its temporary files with lenient permissions, even if
+# permissions on the original files are more strict. Tighten umask here
+# to avoid the brief window where unprivileged users might be able to
+# access the temporary file.
+umask 0077
+
 lfs_migrate() {
 	while read OLDNAME; do
 		$ECHO -n "$OLDNAME: "