Hello,

Auto-saved copies of remote files are created with default permissions
(666 minus umask). By this, sensitive files can be read by other
users.

It comes from the function `auto_save_1' of fileio.c, where the
permissions of the original files are retrieved via `stat', which
isn't possible for remote files.

The following patch avoids this. Are there any objections?

Best regards, Michael.