procyberian/emacs
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set file modes of pinentry socket for extra safety

Browse source 
* lisp/net/pinentry.el: Require 'cl-lib for `cl-letf'.
(pinentry-start): Change the file modes of the socket file to 0700.
This is just for extra safety since the parent directory is already
protected with `server-ensure-safe-dir'.
This commit is contained in:
Daiki Ueno 2016-02-22 11:28:11 +09:00
parent 2667b3ebae
commit 29757844e5
1 changed files with 14 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lisp/net/pinentry.el
View file

@ -49,6 +49,8 @@
;;; Code: ;;; Code:
(eval-when-compile (require 'cl-lib))
(defgroup pinentry nil (defgroup pinentry nil
"The Pinentry server" "The Pinentry server"
:version "25.1" :version "25.1"
@ -172,6 +174,7 @@ will not be shown."
(ignore-errors (ignore-errors
(let (delete-by-moving-to-trash) (let (delete-by-moving-to-trash)
(delete-file server-file))) (delete-file server-file)))
(cl-letf (((default-file-modes) ?\700))
(setq pinentry--server-process (setq pinentry--server-process
(make-network-process (make-network-process
:name "pinentry" :name "pinentry"
@ -182,7 +185,7 @@ will not be shown."
:coding 'no-conversion :coding 'no-conversion
:family 'local :family 'local
:service server-file)) :service server-file))
(process-put pinentry--server-process :server-file server-file)))) (process-put pinentry--server-process :server-file server-file)))))
(defun pinentry-stop () (defun pinentry-stop ()
"Stop a Pinentry service." "Stop a Pinentry service."