mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
gpg: Re-add checking of config file permissions.
* g10/gpg.c (main): Re-add permission checking of the user config file. Re-add code to check against the SE-Linux secured file list. (get_default_configname): Remove unused func. * configure.ac (SAFE_VERSION, SAFE_VERSION_DOT) (SAFE_VERSION_DASH): Remove. -- Die to the switch to the new option parser, the permissions were not anymore checked. This patch fixes this. Note that there there is no checking for the global config file because that file is not expected to be user modifiable. This patch also adds checking against the list of SE-linux secured files. However, like in the old code the checking does not work in practise because the to be checked files are added to the the list only after option parsing. Tested using temporary debug code. The SAFE_VERSION macros were used for RISC OS, which is not anymore supported, and only in the now removed get_default_configname. There purpose was that a RISC OS could use a modified config.h here. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
833c04334a
commit
7e8f28653c
2 changed files with 18 additions and 106 deletions
|
|
@ -495,14 +495,6 @@ AH_BOTTOM([
|
|||
#define EXEEXT_S ""
|
||||
#endif
|
||||
|
||||
/* This is the same as VERSION, but should be overridden if the
|
||||
platform cannot handle things like dots '.' in filenames. Set
|
||||
SAFE_VERSION_DOT and SAFE_VERSION_DASH to whatever SAFE_VERSION
|
||||
uses for dots and dashes. */
|
||||
#define SAFE_VERSION VERSION
|
||||
#define SAFE_VERSION_DOT '.'
|
||||
#define SAFE_VERSION_DASH '-'
|
||||
|
||||
/* Some global constants.
|
||||
* Note that the homedir must not end in a slash. */
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue