When ebuild is unpacking a .tar.gz into /var/tmp/portage it for some reasons sets the wrong permissions on the files. This should be considered a security risk becuse packages that copies files directly from the unpacked distribution archives will have the wrong permission set.
Seems like a -p option for tar or equivalent would be appropriate.
Archives extracted automatically use the --no-same-owner option, so that we don't get weird ownership (which is possible since we are extracting the tarballs as root.) This is generally a good thing. If you need the alternate behavior (preserving ownership, which really you generally don't,) then you can create a src_unpack which does so: src_unpack() { tar xjvf ${DISTDIR}/myarchive.tar.bz2 -C ${WORKDIR} } I don't see this as a bug, so I'm going to close this report.