diff --git a/image/manifest.go b/image/manifest.go
index 83bce0f..9400121 100644
--- a/image/manifest.go
+++ b/image/manifest.go
@@ -11,6 +11,10 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
+//
+// Modifications by: Sylabs Inc.
+// Add u+w if we aren't root to allow extraction
+//
 
 package image
 
@@ -273,6 +277,13 @@ func unpackLayerEntry(dest string, header *tar.Header, reader io.Reader, entries
 }
 }
 
+ // SINGULARITY_PATCH
+ // Add u+w if we aren't root to allow extractions
+ extraPerms := os.FileMode(0000)
+ if os.Getuid() != 0 {
+ extraPerms = 0600
+ }
+
 switch header.Typeflag {
 case tar.TypeDir:
 fi, err := os.Lstat(path)
@@ -284,14 +295,14 @@ func unpackLayerEntry(dest string, header *tar.Header, reader io.Reader, entries
 if err != nil && !os.IsNotExist(err) {
 return false, err
 }
- err = os.MkdirAll(path, info.Mode())
+ err = os.MkdirAll(path, info.Mode()|extraPerms)
 if err != nil {
 return false, err
 }
 }
 
 case tar.TypeReg, tar.TypeRegA:
- f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, info.Mode())
+ f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, info.Mode()|extraPerms)
 if err != nil {
 return false, errors.Wrap(err, "unable to open file")
 }
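Review bot: `extraPerms = 0600` does not match the comment above it: it adds u+r as well as u+w, and it never adds u+x. Because the same mask is applied to `os.MkdirAll` in the next hunk, a layer directory recorded without the owner search bit still cannot be populated by a non-root extractor. Separate masks would match the stated intent, for example `0700` for directories and `0200` for regular files, set inside the non-root branch. The branch also tests the real UID, while the kernel checks permissions against the effective UID, so `if os.Geteuid() != 0 {` is the safer test if this code can ever run under a setuid launcher (not visible here). unpackLayerEntry starts and ends outside the hunk.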
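Review bot: The widened mode passed to `os.MkdirAll` and `os.OpenFile` is what remains on disk, so for non-root users the unpacked tree no longer reflects the permissions recorded in the layer; a file shipped as 0400 or 0444 ends up owner-writable. Nothing visible in this hunk restores `info.Mode()` afterwards. If the extra bits are only needed during extraction, an `os.Chmod(path, info.Mode())` on the regular file once it has been written would keep the result faithful. If they are meant to persist, both call sites should say so, e.g. `// mode intentionally widened for non-root users; differs from the layer header`. The mode argument also only takes effect when the path is created and is filtered by the umask, so an already existing file keeps its old mode; the function body continues outside the hunk.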