[Patch] Prints a warning if directory mode is wrong
Lefteris Chatzibarbas
lefcha at hol.gr
Sat May 19 21:15:02 CEST 2001
On Sat, May 19, 2001 at 06:00:03PM +0200, Matthias Urlichs wrote:
> Lefteris Chatzibarbas:
> > Here's a patch that checks the permissions of GNUPG_HOMEDIR and prints a
> > warning if they are not 700.
>
> Why so strict? 755 should be sufficient.
>
> The secret key ring should be 0600, of course.
The homedir is initially created with these permissions and I thought
it being a good idea to stay that way. This way files that reside
into the directory, such as secring are inaccessible to group/others.
Anyway, because someone can add (--secret-keyring) a secring that's not
in the homedir I could write a function that checks perms of certain
important files.
Also, in the patch I sent the function that checks permissions is called a
little early. It should reside 45 lines forward in the g10.c source file, in
order to use a possible --homedir argument.
Suggestions/comments?
More information about the Gnupg-devel
mailing list