From e6e5524f67d93bcc5766a3c729c5ac1cfbb9577f Mon Sep 17 00:00:00 2001
From: Kovid Goyal
Date: Wed, 3 Jun 2026 05:45:04 +0530
Subject: [PATCH] diff kitten: Strip suid/sgid bits from extracted files
---
 kittens/diff/main.go | 2 +-
 tools/utils/tar.go | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/kittens/diff/main.go b/kittens/diff/main.go
index 25ba00070..a54dec119 100644
--- a/kittens/diff/main.go
+++ b/kittens/diff/main.go
@@ -88,7 +88,7 @@ func get_ssh_file(hostname, rpath string) (string, error) {
 return "", fmt.Errorf("Failed to ssh into remote host %s to get file %s with error: %w", hostname, rpath, err)
 }
 tf := tar.NewReader(bytes.NewReader(stdout))
- count, err := utils.ExtractAllFromTar(tf, tdir)
+ count, err := utils.ExtractAllFromTar(tf, tdir, utils.TarExtractOptions{DontPreserveSuidAndSgid: true})
 if err != nil {
 return "", fmt.Errorf("Failed to untar data from remote host %s to get file %s with error: %w", hostname, rpath, err)
 }
diff --git a/tools/utils/tar.go b/tools/utils/tar.go
index 899707000..2c36ed023 100644
--- a/tools/utils/tar.go
+++ b/tools/utils/tar.go
@@ -18,6 +18,7 @@ var _ = fmt.Print
 type TarExtractOptions struct {
 DontPreservePermissions bool
+ DontPreserveSuidAndSgid bool
 }
 func volnamelen(path string) int {
@@ -189,6 +190,9 @@ func ExtractAllFromTar(tr *tar.Reader, dest_path string, optss ...TarExtractOpti
 set_metadata := func(chmod func(mode fs.FileMode) error, hdr_mode int64) (err error) {
 if !opts.DontPreservePermissions && chmod != nil {
 perms := mode(hdr_mode)
+ if opts.DontPreserveSuidAndSgid {
+ perms = perms &^ (os.ModeSetuid | os.ModeSetgid)
+ }
 if err = chmod(perms); err != nil {
 return err
 }
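Review bot: The new `DontPreserveSuidAndSgid` field in `TarExtractOptions` has no doc comment and its zero value keeps the old behaviour, so any caller of `ExtractAllFromTar` that does not set it will still restore setuid/setgid bits from archive headers. A comment such as `// DontPreserveSuidAndSgid clears the setuid and setgid bits before chmod; it has no effect when DontPreservePermissions is set.` would record the interaction that the `set_metadata` hunk implies. The other call sites are not visible in this patch; it is worth checking whether any of them extract archives from a source no more trusted than the remote host handled in `get_ssh_file`.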
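Review bot: The mask added in `set_metadata` only covers the `chmod` path, so it gives no protection if the entry was already created with the header's mode bits earlier in `ExtractAllFromTar`. That creation code lies outside the hunk (the closure and the function both start and end outside it), so it should be confirmed that the permission argument used when creating files and directories does not carry setuid/setgid from `hdr_mode`. A short why-comment above the new branch would help, for example `// Drop setuid/setgid so an archive from an untrusted host cannot plant privileged executables.`. The assignment can also be written as `perms &^= os.ModeSetuid | os.ModeSetgid`. A regression test that extracts an entry with mode 04755 and asserts the resulting file mode has neither bit set would pin the behaviour.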