I disagree with the quintuple counting...it's not really an epic fail. It seems relatively minor to me. Consider this: if the program is running as a user that doesn't own that directory, it can't change the permissions on it. This dude is saying it's okay if the OS is giving the program the access to change the permissions on the directory, but it's not okay to use that power to write to a directory. "Imagine if it were My Documents" is silly- don't run the program as root...
In any case, the polite hacker thing to do would be to set the permissions back to what they used to be after you write the file. That's why they invented the variable name temp.
In any case, the polite hacker thing to do would be to set the permissions back to what they used to be after you write the file. That's why they invented the variable name temp.