Write and use create_protected_file() helper

Instead of using umask to ensure sensitive files are created with restrictive permissions, git-crypt now does: create_protected_file(filename); std::ofstream out(filename); // ... create_protected_file can have different Unix and Windows implementations. create_protected_file should be easier to implement on Windows than a umask equivalent, and this pattern keeps the amount of platform-specific code to a minimum and avoids #ifdefs.
2026-01-02 16:20:16 -08:00 · 2014-08-02 20:59:48 -07:00
parent 01f152b746
commit 47e810d592
4 changed files with 13 additions and 11 deletions
--- a/util-win32.cpp
+++ b/util-win32.cpp
@@ -346,10 +346,8 @@ static void	init_std_streams_platform ()
 	_setmode(_fileno(stdout), _O_BINARY);
 }

-mode_t util_umask (mode_t mode)
+void create_protected_file (const char* path) // TODO
 {
-	// Not available in Windows and function not always defined in Win32 environments
-	return 0;
 }

 int util_rename (const char* from, const char* to)