>> I noticed when a file name argument is passed to the IO.copy_stream, the
>> newly-created destination file has 0600 perms and is not respecting my
>> normal umask (0022).
>
> Sometimes the convention, 0666 by default, causes security problem:
> It causes world writable files if users forget to set correct umask.
>
> There are various umask related security problem:
> CVE-1999-1572, CVE-2001-1322, CVE-2005-1841, CVE-2006-1587,
> CVE-2006-3589, CVE-2007-6249
>
> So I didn't use 0666.
>
> 0600 may be too restrictive but you can use File.chmod to relax it.

If you don't follow normal convention intentionally, is there any
reason to don't write a documentation explicitly?

Thanks.