Merge "Allow update_engine to create executable files."
diff --git a/main.cc b/main.cc
index 0da9fe2..516c72c 100644
--- a/main.cc
+++ b/main.cc
@@ -114,10 +114,11 @@
LOG(INFO) << "Chrome OS Update Engine starting";
// Ensure that all written files have safe permissions.
- // This is a mask, so we _block_ execute for the owner, and ALL
- // permissions for other users.
+ // This is a mask, so we _block_ all permissions for the group owner and other
+ // users but allow all permissions for the user owner. We allow execution
+ // for the owner so we can create directories.
// Done _after_ log file creation.
- umask(S_IXUSR | S_IRWXG | S_IRWXO);
+ umask(S_IRWXG | S_IRWXO);
chromeos_update_engine::UpdateEngineDaemon update_engine_daemon;
int exit_code = update_engine_daemon.Run();