From 34d5fc050d8d97c5cc313a7c4b928b986a9e9e7c Mon Sep 17 00:00:00 2001
From: "Rune K. Svendsen" <runesvend@gmail.com>
Date: Wed, 4 Jun 2014 13:16:07 +0200
Subject: [PATCH] Add option to disable 077 umask (create new files with system
 default umask)

The option is only effective for either wallet-less builds or if
-disablewallet is specified as well.
---
 src/init.cpp | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

diff --git a/src/init.cpp b/src/init.cpp
index 840a07d610b..226456b6726 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -210,6 +210,13 @@ std::string HelpMessage(HelpMessageMode hmm)
     strUsage += "  -pid=<file>            " + _("Specify pid file (default: bitcoind.pid)") + "\n";
     strUsage += "  -reindex               " + _("Rebuild block chain index from current blk000??.dat files") + " " + _("on startup") + "\n";
     strUsage += "  -txindex               " + _("Maintain a full transaction index (default: 0)") + "\n";
+#if !defined(WIN32)
+#ifdef ENABLE_WALLET
+    strUsage += "  -laxperms              " + _("Create new files with system default permissions, instead of umask 077 (only effective with -disablewallet)") + "\n";
+#else
+    strUsage += "  -laxperms              " + _("Create new files with system default permissions, instead of umask 077") + "\n";
+#endif
+#endif
 
     strUsage += "\n" + _("Connection options:") + "\n";
     strUsage += "  -addnode=<ip>          " + _("Add a node to connect to and attempt to keep the connection open") + "\n";
@@ -422,8 +429,6 @@ bool AppInit2(boost::thread_group& threadGroup)
     }
 #endif
 #ifndef WIN32
-    umask(077);
-
     // Clean shutdown on SIGTERM
     struct sigaction sa;
     sa.sa_handler = HandleSIGTERM;
@@ -587,6 +592,28 @@ bool AppInit2(boost::thread_group& threadGroup)
 #endif
     // ********************************************************* Step 4: application initialization: dir lock, daemonize, pidfile, debug log
 
+#ifndef WIN32
+    bool fCanUseLaxPerms = false;
+
+#ifdef ENABLE_WALLET
+    if (fDisableWallet)
+        fCanUseLaxPerms = true;
+#else
+    fCanUseLaxPerms = true;
+#endif //ENABLE_WALLET
+
+    if (!GetBoolArg("-laxperms", false)) {
+        umask(077);
+    } else {
+        if (fCanUseLaxPerms) {
+            LogPrintf("Using non-restrictive permissions (not setting umask to 077)\n");
+        } else {
+            umask(077);
+            InitWarning("Using non-restrictive permissions is not allowed without -disablewallet\n");
+        }
+    }
+#endif //WIN32
+
     std::string strDataDir = GetDataDir().string();
 #ifdef ENABLE_WALLET
     // Wallet file must be a plain filename without a directory