Archive Utility assigns incorrect permissions to files expanded from ZIP archives

Originator:nicolas+
Number:rdar://35197897 Date Originated:2017-10-26
Status:Closed Resolved:2018-02-08
Product:macOS Product Version:10.13 (17A405)
Classification:Bug Reproducible:Always
 
# Summary:

When expanding a ZIP archive that contains entries marked as made under MS-DOS (e.g. any ZIP archive generated by the git-archive utility), the execute bit is added to the expanded files.

This is very frustrating when the expanded file is a text file without a filename extension (e.g. LICENSE, README):
- The file is treated by macOS as an executable. Double-clicking it will open the Terminal instead of a text editor.
- If the archive was downloaded from the Internet (e.g. github.com), the file is also marked as quarantined.

This is also inconsistent with the behavior of the unzip command.

# Steps to Reproduce:

1. Open the Terminal.
2. Execute the following command:

    echo Hello World > README && zip -k Archive.zip README && rm README && open Archive.zip

# Expected Results:

Archive Utility should expand the archive and create a file named "README" in the current directory with permissions -rw-r--r--.

# Actual Results:

Archive Utility expands the archive and creates a file named "README" in the current directory with permissions -rwxr-xr-x.

# Version/Build:

macOS 10.13 (17A405)
Archive Utility 10.10 (81)

Comments

Response from Apple Developer Relations

Engineering has provided the following information regarding this issue:

Bom/ditto has been deprecated. Use zip/unzip instead. Or libarchive if you need a library.

What I was thinking

Seriously?! Did you even read the f*ing title?

My answer

This bug report is not about Bom nor ditto. This bug report is about Archive Utility, the default application to expand a ZIP archive on macOS.


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!