Write and use create_protected_file() helper

Instead of using umask to ensure sensitive files are created with
restrictive permissions, git-crypt now does:

	create_protected_file(filename);
	std::ofstream out(filename);
	// ...

create_protected_file can have different Unix and Windows implementations.
create_protected_file should be easier to implement on Windows than a
umask equivalent, and this pattern keeps the amount of platform-specific
code to a minimum and avoids #ifdefs.
Andrew Ayer
2014-08-02 20:59:48 -07:00
parent 01f152b746
commit 47e810d592
4 changed files with 13 additions and 11 deletions

@@ -261,9 +261,8 @@ bool Key_file::load_from_file (const char* key_file_name)
bool Key_file::store_to_file (const char* key_file_name) const
{
mode_t old_umask = util_umask(0077); // make sure key file is protected
create_protected_file(key_file_name);
std::ofstream key_file_out(key_file_name, std::fstream::binary);
util_umask(old_umask);
if (!key_file_out) {
return false;
}
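Review bot: In Key_file::store_to_file, the result of create_protected_file(key_file_name) is not checked before std::ofstream opens the same path. With the util_umask(0077) bracket removed, a failure inside the helper would leave the ofstream to create the key file under whatever umask the process happens to have, so the helper should report failure (a bool return or an exception) and store_to_file should return false before the stream is opened. Because the file is created and then reopened by name, the helper's documentation should also state what happens when key_file_name already exists with wider permissions, since the ofstream will truncate and reuse that file as it is.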