[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Please review quickly [Fwd: [bug #19137] permission
From: |
Daniel Carosone |
Subject: |
Re: [Monotone-devel] Please review quickly [Fwd: [bug #19137] permissions on ~/.monotone/keys/ are too permissive] |
Date: |
Fri, 13 Apr 2007 07:38:16 +1000 |
User-agent: |
Mutt/1.5.14 (2007-02-12) |
On Wed, Apr 11, 2007 at 12:17:16PM -0700, Nathaniel Smith wrote:
> On Wed, Apr 11, 2007 at 08:16:38PM +0200, Markus Schiltknecht wrote:
> > --- key_store.cc 70b97a9e2a06654ec641a1709c2a875cdfa603d5
> > +++ key_store.cc fda46d5fa8a5b2a52421c1f83413a208e2c6401f
> > @@ -1,4 +1,5 @@
> > #include <sstream>
> > +#include <sys/stat.h>
> >
> > #include "key_store.hh"
> > #include "file_io.hh"
> > @@ -210,8 +211,12 @@ key_store::write_key(rsa_keypair_id cons
> > data dat(oss.str());
> > system_path file;
> > get_key_file(ident, file);
> > +
> > + // set a restrictive umask, write the file and reset umask
> > + mode_t mask = umask(S_IRWXG|S_IRWXO);
> > L(FL("writing key '%s' to file '%s' in dir '%s'") % ident % file %
> > key_dir);
> > write_data(file, dat, key_dir);
> > + umask(mask);
> > }
>
> What will this do on win32?
Such mysteries aside, should we also check and warn users when
existing keystore files have excessive permissions?
--
Dan.
pgpJUX3NMjRtH.pgp
Description: PGP signature