authorWerner Koch <wk@gnupg.org>2014-06-25 20:25:28 +0200
committerWerner Koch <wk@gnupg.org>2014-06-30 09:12:48 +0200
commitc434de4d83ccfaca8bde51de5c2ac8d9656e4e18 (patch)
tree07987f47300ad446063273961acf0437af24a2d2 /g10/openfile.c
parentcommon: Minor code cleanup for a legacy OS. (diff)
gpg: Create exported secret files and revocs with mode 700.
* common/iobuf.c (direct_open): Add arg MODE700. (iobuf_create): Ditto. * g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM. Change all callers to pass 0 for it. * g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new arg. * g10/export.c (do_export): Pass true for new arg if SECRET is true. -- GnuPG-bug-id: 1653. Note that this works only if --output has been used.
Diffstat (limited to 'g10/openfile.c')
-rw-r--r--g10/openfile.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/g10/openfile.c b/g10/openfile.c
index 119c5670d..901387d31 100644
--- a/g10/openfile.c
+++ b/g10/openfile.c
@@ -177,10 +177,12 @@ ask_outfile_name( const char *name, size_t namelen )
*
* If INP_FD is not -1 the function simply creates an IOBUF for that
* file descriptor and ignorea INAME and MODE. Note that INP_FD won't
- * be closed if the returned IOBUF is closed.
+ * be closed if the returned IOBUF is closed. With RESTRICTEDPERM a
+ * file will be created with mode 700 if possible.
*/
int
-open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
+open_outfile (int inp_fd, const char *iname, int mode, int restrictedperm,
+ iobuf_t *a)
{
int rc = 0;
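Review bot: The new `restrictedperm` parameter is a plain `int` placed directly after `int mode`, so a call site that transposes the two compiles without a diagnostic and could write secret material with the default permissions. The header comment should state the accepted values and which paths ignore the flag, for example `With RESTRICTEDPERM set, a newly created file is requested with owner-only permissions; the flag is not applied on the stdout path.` The comment's "mode 700" also includes the owner execute bit, which is unusual for a data file, so the bits actually requested should be confirmed against iobuf_create, which is not shown here. The body of open_outfile continues outside this hunk.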
@@ -204,7 +206,7 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
}
else if (iobuf_is_pipe_filename (iname) && !opt.outfile)
{
- *a = iobuf_create(NULL);
+ *a = iobuf_create (NULL, 0);
if ( !*a )
{
rc = gpg_error_from_syserror ();
@@ -284,7 +286,7 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
gpg_err_set_errno (EPERM);
}
else
- *a = iobuf_create (name);
+ *a = iobuf_create (name, restrictedperm);
if (!*a)
{
rc = gpg_error_from_syserror ();
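Review bot: Passing `restrictedperm` to `iobuf_create (name, restrictedperm)` presumably changes only the mode requested when the file is created, so an existing `name` that is being overwritten would likely keep its current, possibly group- or world-readable, permissions. iobuf_create is not visible in this hunk, so this needs confirming. If it holds, the restricted case should tighten the mode on the opened file or refuse to reuse an existing one, and at minimum carry a comment such as `/* RESTRICTEDPERM only takes effect for newly created files. */`. The enclosing branch of open_outfile starts outside this hunk.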