diff --git a/ChangeLog b/ChangeLog
index 73a38f1aded396be1d70326a2bf0ea85ae583b0c..e1a88f42a44b375a1246cfa6bc92dddb19efdc5d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,8 +21,8 @@ version 0.9.6 -- unreleased
 	   new syntax.
 	 . Support every duplicity-supported transport with new configuration
 	   option desturl (Closes: #483712, #346040, Trac#2).
-	 .
-	Actually allow to backup only VServers, by relaxing $include test.
+	 . Actually allow to backup only VServers, by relaxing $include test.
+	 . Set secure permissions on tmpdir when creating it.
 	ldap:
 	 . support HDB backend just as the BDB one, and make message clearer
 	   when no supported backend is found (Closes: #476910)
diff --git a/handlers/dup.in b/handlers/dup.in
index 2854974d43a49e906ef735571e44a0ba325f4f31..89db671a3fd9f70b62891091fbd11c48705c2c91 100644
--- a/handlers/dup.in
+++ b/handlers/dup.in
@@ -166,6 +166,7 @@ if [ -n "$tmpdir" ]; then
       info "Temporary directory ($tmpdir) does not exist, creating it."
       mkdir -p "$tmpdir"
       [ $? -eq 0 ] || fatal "Could not create temporary directory ($tmpdir)."
+      chmod 0700 "$tmpdir"
    fi
    info "Using $tmpdir as TMPDIR"
    precmd="${precmd}TMPDIR=$tmpdir "
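Review bot: The added `chmod 0700 "$tmpdir"` runs after `mkdir -p` has already created the directory with umask-derived permissions, so there is a short window in which it is more open than intended, and the chmod's exit status is not checked the way the mkdir's is. Creating the directory with its mode in one step, `mkdir -p -m 0700 "$tmpdir"`, closes that window for the final path component. If the separate chmod is kept, it should be followed by `[ $? -eq 0 ] || fatal "Could not set permissions on temporary directory ($tmpdir)."`. The mode is also only set on the creation branch, so a pre-existing `$tmpdir` with a looser mode or a different owner appears to be used as is. The enclosing `if` starts outside the hunk, so a check there cannot be ruled out.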