diff options
| -rw-r--r-- | Utility/FileMode.hs | 31 | ||||
| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | doc/bugs/ssh:_unprotected_private_key_file.mdwn | 3 |
3 files changed, 26 insertions, 9 deletions
diff --git a/Utility/FileMode.hs b/Utility/FileMode.hs index b17cadc3b..d8fb866ae 100644 --- a/Utility/FileMode.hs +++ b/Utility/FileMode.hs @@ -99,13 +99,20 @@ noUmask :: FileMode -> IO a -> IO a #ifndef mingw32_HOST_OS noUmask mode a | mode == stdFileMode = a - | otherwise = bracket setup cleanup go + | otherwise = withUmask nullFileMode a +#else +noUmask _ a = a +#endif + +withUmask :: FileMode -> IO a -> IO a +#ifndef mingw32_HOST_OS +withUmask umask a = bracket setup cleanup go where - setup = setFileCreationMask nullFileMode + setup = setFileCreationMask umask cleanup = setFileCreationMask go _ = a #else -noUmask _ a = a +withUmask _ a = a #endif combineModes :: [FileMode] -> FileMode @@ -127,14 +134,20 @@ setSticky f = modifyFileMode f $ addModes [stickyMode] #endif {- Writes a file, ensuring that its modes do not allow it to be read - - by anyone other than the current user, before any content is written. + - or written by anyone other than the current user, + - before any content is written. + - + - When possible, this is done using the umask. - - On a filesystem that does not support file permissions, this is the same - as writeFile. -} writeFileProtected :: FilePath -> String -> IO () -writeFileProtected file content = withFile file WriteMode $ \h -> do - void $ tryIO $ - modifyFileMode file $ - removeModes [groupReadMode, otherReadMode] - hPutStr h content +writeFileProtected file content = withUmask 0o0077 $ + withFile file WriteMode $ \h -> do + void $ tryIO $ modifyFileMode file $ + removeModes + [ groupReadMode, otherReadMode + , groupWriteMode, otherWriteMode + ] + hPutStr h content diff --git a/debian/changelog b/debian/changelog index 29399c4fb..e3cb63d77 100644 --- a/debian/changelog +++ b/debian/changelog @@ -16,6 +16,7 @@ git-annex (5.20140307) UNRELEASED; urgency=medium (So will --in=) * Fix ssh connection caching stop method to work with openssh 6.5p1, which broke the old method. + * Better workaround for problem umasks when eg, setting up ssh keys. -- Joey Hess <joeyh@debian.org> Thu, 06 Mar 2014 16:17:01 -0400 diff --git a/doc/bugs/ssh:_unprotected_private_key_file.mdwn b/doc/bugs/ssh:_unprotected_private_key_file.mdwn index 26dbb390a..207ef76d1 100644 --- a/doc/bugs/ssh:_unprotected_private_key_file.mdwn +++ b/doc/bugs/ssh:_unprotected_private_key_file.mdwn @@ -57,3 +57,6 @@ bad permissions: ignore key: ABC/.ssh/git-annex/key.git-annex-XYZ_annex # End of transcript or log. """]] + +> [[Fixed|done]]; the code made sure the file did not have any group or +> world read bits, but did not clear write bits. --[[Joey]] |