author | Werner Koch <wk@gnupg.org> | 2014-06-25 20:25:28 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2014-06-30 09:12:48 +0200 |
commit | c434de4d83ccfaca8bde51de5c2ac8d9656e4e18 (patch) | |
tree | 07987f47300ad446063273961acf0437af24a2d2 /g10/keyring.c | |
parent | common: Minor code cleanup for a legacy OS. (diff) | |
gpg: Create exported secret files and revocs with mode 700.
* common/iobuf.c (direct_open): Add arg MODE700.
(iobuf_create): Ditto.
* g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM. Change
callers to pass 0 for it.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new
arg.
* g10/export.c (do_export): Pass true for new arg if SECRET is true.
--
GnuPG-bug-id: 1653.
Note that this works only if --output has been used.
Diffstat (limited to 'g10/keyring.c')
-rw-r--r-- | g10/keyring.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/g10/keyring.c b/g10/keyring.c
index 04f6eeb22..6f75b6a78 100644
--- a/g10/keyring.c
+++ b/g10/keyring.c
@@ -1197,7 +1197,9 @@ create_tmp_file (const char *template,
 strcpy (stpcpy(tmpfname,template), EXTSEP_S "tmp");
 # endif /* Posix filename */
- /* Create the temp file with limited access */
+ /* Create the temp file with limited access. Note that the umask
+ call is not anymore needed because iobuf_create now takes care
+ of it. However, it does not harm and thus we keep it. */
 oldmask=umask(077);
 if (is_secured_filename (tmpfname))
 {
@@ -1205,7 +1207,7 @@ create_tmp_file (const char *template,
 gpg_err_set_errno (EPERM);
 }
 else
- *r_fp = iobuf_create (tmpfname);
+ *r_fp = iobuf_create (tmpfname, 1);
 umask(oldmask);
 if (!*r_fp)
 {
@@ -1513,7 +1515,7 @@ do_copy (int mode, const char *fname, KBNODE root,
 gpg_err_set_errno (EPERM);
 }
 else
- newfp = iobuf_create (fname);
+ newfp = iobuf_create (fname, 1);
 umask(oldmask);
 if( !newfp )
 { |
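Review bot: The reworded comment in create_tmp_file justifies keeping `umask(077)` only with "it does not harm", which invites a later cleanup to delete the call; I would state the intent instead, e.g. `/* Create the temp file with limited access. iobuf_create now restricts the mode itself; the umask call is kept as a second safeguard. */`. Because umask() changes process-wide state, the comment could also mention that the old mask is restored right after the create (the `umask(oldmask)` call is visible in the following hunk). The function body starts and ends outside this hunk.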
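Review bot: The bare `1` passed to iobuf_create in create_tmp_file, and again in do_copy in the hunk at line 1515, does not tell the reader that it requests the restricted file mode. The commit message names the parameter MODE700, so a trailing comment such as `*r_fp = iobuf_create (tmpfname, 1); /* 1 = mode700 */` or a named constant would make both call sites self-explanatory. A creation mode only takes effect when the file is actually created, so if iobuf_create reuses an existing `tmpfname` (its implementation is in common/iobuf.c, not shown in this diff) a stale file with wider permissions would presumably keep them; that case deserves a check or at least a comment. Both functions continue outside their hunks.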