gpg: Create exported secret files and revocs with mode 700.

* common/iobuf.c (direct_open): Add arg MODE700. (iobuf_create): Ditto. * g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM. Change call callers to pass 0 for it. * g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new arg. * g10/export.c (do_export): Pass true for new arg if SECRET is true. -- GnuPG-bug-id: 1653. Note that this works only if --output has been used.
2025-07-02 22:46:30 +02:00 · 2014-06-25 20:25:28 +02:00 · 2014-06-25 20:25:28 +02:00 · c434de4d83
commit c434de4d83
parent 35fdfaa0b9
12 changed files with 43 additions and 31 deletions
--- a/g10/openfile.c
+++ b/g10/openfile.c
@ -177,10 +177,12 @@ ask_outfile_name( const char *name, size_t namelen )
 *
 * If INP_FD is not -1 the function simply creates an IOBUF for that
 * file descriptor and ignorea INAME and MODE.  Note that INP_FD won't
- * be closed if the returned IOBUF is closed.
+ * be closed if the returned IOBUF is closed.  With RESTRICTEDPERM a
+ * file will be created with mode 700 if possible.
 */
 int
-open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
+open_outfile (int inp_fd, const char *iname, int mode, int restrictedperm,
+              iobuf_t *a)
 {
  int rc = 0;

@ -204,7 +206,7 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
    }
  else if (iobuf_is_pipe_filename (iname) && !opt.outfile)
    {
-      *a = iobuf_create(NULL);
+      *a = iobuf_create (NULL, 0);
      if ( !*a )
        {
          rc = gpg_error_from_syserror ();
@ -284,7 +286,7 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
              gpg_err_set_errno (EPERM);
            }
          else
-            *a = iobuf_create (name);
+            *a = iobuf_create (name, restrictedperm);
          if (!*a)
            {
              rc = gpg_error_from_syserror ();