CVE-2021-44228-Scanner

Permissions not preserved in a JAR within a ZIP

Open mrpegman opened this issue 3 years ago • 2 comments

If you have a JAR with the targeted classes and that JAR is within a ZIP, then scanning the ZIP will remove permissions on the files within the JAR. This is a UNIX-only issue as far as I can tell. Opening up the JAR after scanning shows that the HOST OS was changed from UNIX to FAT and the UNIX-style permissions were stripped.

mrpegman, Jan 20 '22 14:01

You would have used the fix option. The scanner does not modify any file while scanning.

xeraph, Jan 20 '22 14:01

The command that I ran was: java -jar esp.jar --scan-log4j1 --scan-zip --fix fsc.zip

The esp.jar is the logpresso JAR. The fsc.zip file contains a JAR which when it gets scanned has the UNIX file permissions removed.

mrpegman, Jan 20 '22 15:01
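An added example, not part of this thread or of the logpresso scanner, showing how the loss described above can be checked for: every ZIP entry records the host OS that wrote it (create_system) and its external attributes, where UNIX tools store st_mode in the high 16 bits, so an audit that descends into nested JARs can report which entries still carry permission bits. The rewrite function shows the two behaviours side by side: reusing each original ZipInfo keeps the host OS and mode, while writing fresh FAT entries drops them, which is what the issue reports. The fixture archive, entry names and mode values are constructed.

```python
import io
import stat
import zipfile

UNIX, FAT = 3, 0   # ZipInfo.create_system host-OS codes; FAT entries carry no UNIX mode bits
NESTED = (".zip", ".jar", ".war", ".ear")

def make_nested_zip(mode: int = 0o755) -> bytes:
    """Constructed fixture: a ZIP holding a JAR whose class entry has UNIX mode bits."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as zf:
        info = zipfile.ZipInfo("org/example/Hello.class")
        info.create_system = UNIX
        info.external_attr = (stat.S_IFREG | mode) << 16   # st_mode sits in the high 16 bits
        zf.writestr(info, b"\xca\xfe\xba\xbe")             # class-file magic only, constructed
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("lib/app.jar", jar.getvalue())
    return outer.getvalue()

def audit(zip_bytes: bytes, prefix: str = "") -> dict:
    """Map each file entry (descending into nested archives) to its UNIX mode, or None
    when the entry was written by a FAT host and so carries no permission bits."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.filename.lower().endswith(NESTED):
                found.update(audit(zf.read(info), prefix + info.filename + "!/"))
            elif info.create_system == UNIX:
                found[prefix + info.filename] = (info.external_attr >> 16) & 0o7777
            else:
                found[prefix + info.filename] = None
    return found

def rewrite(zip_bytes: bytes, keep_metadata: bool) -> bytes:
    """Copy an archive recursively; reusing each ZipInfo keeps host OS and mode bits."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as src, zipfile.ZipFile(out, "w") as dst:
        for info in src.infolist():
            data = src.read(info)
            if info.filename.lower().endswith(NESTED):
                data = rewrite(data, keep_metadata)
            if not keep_metadata:
                info = zipfile.ZipInfo(info.filename, info.date_time)   # fresh entry, as a FAT writer
                info.create_system, info.external_attr = FAT, 0
            dst.writestr(info, data)
    return out.getvalue()
```

Running audit() on an archive before and after a fix and comparing the two maps shows exactly which nested entries lost their mode bits.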