curl: curl’s persistence files inherit world-readable/writable perms from umask, leaking and tampering with cookies/HSTS/Alt-Svc caches

Executive Summary Curlfopen clones the permissions of any pre-existing persistence file when creating its temporary file. When the persistence file does not exist, it first creates one with the process umask typically 022, i.e., 0644. That mode is then copied to the temp file via 0600 | sb.stmode...