From c1e604a2dcbd2d1589302f0ff079463f86c95cc6 Mon Sep 17 00:00:00 2001
From: Diogo Peralta Cordeiro <mail@diogo.site>
Date: Mon, 26 Jul 2021 21:33:14 +0100
Subject: [PATCH] [HttpFoundation] File: Add settable permissions and adopt
 stricter defaults

---
 src/Symfony/Component/HttpFoundation/File/File.php     | 10 +++++-----
 .../Component/HttpFoundation/File/UploadedFile.php     |  8 ++++----
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/Symfony/Component/HttpFoundation/File/File.php b/src/Symfony/Component/HttpFoundation/File/File.php
index e8ce4bcf80..9b64c3328c 100644
--- a/src/Symfony/Component/HttpFoundation/File/File.php
+++ b/src/Symfony/Component/HttpFoundation/File/File.php
@@ -82,9 +82,9 @@ class File extends \SplFileInfo
      *
      * @throws FileException if the target file could not be created
      */
-    public function move(string $directory, string $name = null): self
+    public function move(string $directory, string $name = null, int $dirmode = 0755, int $filemode = 0644): self
     {
-        $target = $this->getTargetFile($directory, $name);
+        $target = $this->getTargetFile($directory, $name, $dirmode);
 
         set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; });
         try {
@@ -96,7 +96,7 @@ class File extends \SplFileInfo
             throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error)));
         }
 
-        @chmod($target, 0666 & ~umask());
+        @chmod($target, $filemode & ~umask());
 
         return $target;
     }
@@ -112,10 +112,10 @@ class File extends \SplFileInfo
         return $content;
     }
 
-    protected function getTargetFile(string $directory, string $name = null): self
+    protected function getTargetFile(string $directory, string $name = null, int $dirmode = 0755): self
     {
         if (!is_dir($directory)) {
-            if (false === @mkdir($directory, 0777, true) && !is_dir($directory)) {
+            if (false === @mkdir($directory, $dirmode, true) && !is_dir($directory)) {
                 throw new FileException(sprintf('Unable to create the "%s" directory.', $directory));
             }
         } elseif (!is_writable($directory)) {
diff --git a/src/Symfony/Component/HttpFoundation/File/UploadedFile.php b/src/Symfony/Component/HttpFoundation/File/UploadedFile.php
index 11dad4a9a3..28e819d84d 100644
--- a/src/Symfony/Component/HttpFoundation/File/UploadedFile.php
+++ b/src/Symfony/Component/HttpFoundation/File/UploadedFile.php
@@ -158,14 +158,14 @@ class UploadedFile extends File
      *
      * @throws FileException if, for any reason, the file could not have been moved
      */
-    public function move(string $directory, string $name = null): File
+    public function move(string $directory, string $name = null, int $dirmode = 0755, int $filemode = 0644): File
     {
         if ($this->isValid()) {
             if ($this->test) {
-                return parent::move($directory, $name);
+                return parent::move($directory, $name, $dirmode, $filemode);
             }
 
-            $target = $this->getTargetFile($directory, $name);
+            $target = $this->getTargetFile($directory, $name, $dirmode);
 
             set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; });
             try {
@@ -177,7 +177,7 @@ class UploadedFile extends File
                 throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error)));
             }
 
-            @chmod($target, 0666 & ~umask());
+            @chmod($target, $filemode & ~umask());
 
             return $target;
         }