Software Sources sets wrong permissions when adding new source

software-properties-gtk sets wrong permissions on sources.list files in /etc/apt/sources.d/ directory. The result is that Update Manager fails to start.

To reproduce:
1. Set default umask to 0027 (that's right, newly created files should not be world readable by default on my system, and ease of use should not compromise security).

2. Go to System -> Administration -> Software Sources. This will ask you for administrative password. Add a new source like ppa:nijel/ppa and update sources list.

3. This will result in Update Manager to fail reading sources list file /etc/apt/sources.list.d/nijel-ppa-karmic.list because the permissions on that file are set to rw-r-----

4. Making file world readable (sudo chmod 644 /etc/apt/sources.list.d/nijel-ppa-karmic.list) corrects the problem.

Since Update Manager does not ask for administrative password for retrieving information about updates in order to facilitate automatic updates notification and therefore sources files must be world readable, the software-properties-gtk should respect that and to set proper permissions on files it creates in /etc/apt/sources.list.d directory.

Alternatively, the Update Manager can be redesigned to work with tightened file permissions as it once used to. Let's Ubuntu security team have a say before usability is going to destroy security.

ProblemType: Bug
Architecture: amd64
CheckboxSubmission: 84636f17fa3181c7c09a5833080a5055
CheckboxSystem: b8f3ec504801f13fc208edb5c785b099
Date: Thu Dec 17 17:10:50 2009
DistroRelease: Ubuntu 9.10
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release amd64 (20091027.1)
NonfreeKernelModules: nvidia
Package: software-properties-gtk 0.75.4
PackageArchitecture: all
ProcEnviron:
 LANG=ru_RU.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-16.53-generic
SourcePackage: software-properties
Uname: Linux 2.6.31-16-generic x86_64