summaryrefslogtreecommitdiffstats
path: root/g10/keyring.c
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2014-06-25 20:25:28 +0200
committerWerner Koch <wk@gnupg.org>2014-06-30 09:12:48 +0200
commitc434de4d83ccfaca8bde51de5c2ac8d9656e4e18 (patch)
tree07987f47300ad446063273961acf0437af24a2d2 /g10/keyring.c
parentcommon: Minor code cleanup for a legacy OS. (diff)
downloadgnupg2-c434de4d83ccfaca8bde51de5c2ac8d9656e4e18.tar.xz
gnupg2-c434de4d83ccfaca8bde51de5c2ac8d9656e4e18.zip
gpg: Create exported secret files and revocs with mode 700.
* common/iobuf.c (direct_open): Add arg MODE700. (iobuf_create): Ditto. * g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM. Change call callers to pass 0 for it. * g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new arg. * g10/export.c (do_export): Pass true for new arg if SECRET is true. -- GnuPG-bug-id: 1653. Note that this works only if --output has been used.
Diffstat (limited to 'g10/keyring.c')
-rw-r--r--g10/keyring.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/g10/keyring.c b/g10/keyring.c
index 04f6eeb22..6f75b6a78 100644
--- a/g10/keyring.c
+++ b/g10/keyring.c
@@ -1197,7 +1197,9 @@ create_tmp_file (const char *template,
strcpy (stpcpy(tmpfname,template), EXTSEP_S "tmp");
# endif /* Posix filename */
- /* Create the temp file with limited access */
+ /* Create the temp file with limited access. Note that the umask
+ call is not anymore needed because iobuf_create now takes care
+ of it. However, it does not harm and thus we keep it. */
oldmask=umask(077);
if (is_secured_filename (tmpfname))
{
@@ -1205,7 +1207,7 @@ create_tmp_file (const char *template,
gpg_err_set_errno (EPERM);
}
else
- *r_fp = iobuf_create (tmpfname);
+ *r_fp = iobuf_create (tmpfname, 1);
umask(oldmask);
if (!*r_fp)
{
@@ -1513,7 +1515,7 @@ do_copy (int mode, const char *fname, KBNODE root,
gpg_err_set_errno (EPERM);
}
else
- newfp = iobuf_create (fname);
+ newfp = iobuf_create (fname, 1);
umask(oldmask);
if( !newfp )
{