security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: Create exported secret files and revocs with mode 700.

Browse source 
* common/iobuf.c (direct_open): Add arg MODE700.
(iobuf_create): Ditto.
* g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM.  Change call
callers to pass 0 for it.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new
arg.
* g10/export.c (do_export): Pass true for new arg if SECRET is true.
--

GnuPG-bug-id: 1653.

Note that this works only if --output has been used.
This commit is contained in:
Werner Koch 2014-06-25 20:25:28 +02:00
parent 35fdfaa0b9
commit c434de4d83
12 changed files with 43 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

10
g10/sign.c
View file

@ -871,7 +871,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
gpg_err_set_errno (EPERM);
}
else
out = iobuf_create( outfile );
out = iobuf_create (outfile, 0);
if( !out )
{
rc = gpg_error_from_syserror ();
@ -882,7 +882,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
log_info(_("writing to '%s'\n"), outfile );
}
else if( (rc = open_outfile (-1, fname,
opt.armor? 1: detached? 2:0, &out )))
opt.armor? 1: detached? 2:0, 0, &out)))
goto leave;
/* prepare to calculate the MD over the input */
@ -1188,7 +1188,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile )
gpg_err_set_errno (EPERM);
}
else
out = iobuf_create( outfile );
out = iobuf_create (outfile, 0);
if( !out )
{
rc = gpg_error_from_syserror ();
@ -1198,7 +1198,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile )
else if( opt.verbose )
log_info(_("writing to '%s'\n"), outfile );
}
else if( (rc = open_outfile (-1, fname, 1, &out )) )
else if ((rc = open_outfile (-1, fname, 1, 0, &out)))
goto leave;
iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----" LF );
@ -1366,7 +1366,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
cfx.dek->use_mdc=1;
/* now create the outfile */
rc = open_outfile (-1, fname, opt.armor? 1:0, &out);
rc = open_outfile (-1, fname, opt.armor? 1:0, 0, &out);
if (rc)
goto leave;