diff options
| author | Werner Koch <[email protected]> | 2004-01-28 16:19:46 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2004-01-28 16:19:46 +0000 |
| commit | fa5d1513a29708ce51496b4e248bcd91a81c17fe (patch) | |
| tree | 7acd7e03e40e99e8ee928696a23db15bbd436ed1 | |
| parent | (parse_dn_part): Pretty print the nameDistinguisher OID. (diff) | |
| download | gnupg-fa5d1513a29708ce51496b4e248bcd91a81c17fe.tar.gz gnupg-fa5d1513a29708ce51496b4e248bcd91a81c17fe.zip | |
(agent_marktrusted): Check whether the trustlist is
writable.
| -rw-r--r-- | agent/ChangeLog | 5 | ||||
| -rw-r--r-- | agent/divert-scd.c | 2 | ||||
| -rw-r--r-- | agent/learncard.c | 1 | ||||
| -rw-r--r-- | agent/trustlist.c | 16 |
4 files changed, 23 insertions, 1 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog index 57f9214f6..73b9c4596 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,8 @@ +2004-01-28 Werner Koch <[email protected]> + + * trustlist.c (agent_marktrusted): Check whether the trustlist is + writable. + 2004-01-27 Werner Koch <[email protected]> * sexp-parse.h: Moved to ../common. diff --git a/agent/divert-scd.c b/agent/divert-scd.c index 69f184474..283150ad3 100644 --- a/agent/divert-scd.c +++ b/agent/divert-scd.c @@ -134,7 +134,7 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid) } -/* Put the DIGEST into an DER encoded comtainer and return it in R_VAL. */ +/* Put the DIGEST into an DER encoded container and return it in R_VAL. */ static int encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo, unsigned char **r_val, size_t *r_len) diff --git a/agent/learncard.c b/agent/learncard.c index 28a74f972..a76f2652a 100644 --- a/agent/learncard.c +++ b/agent/learncard.c @@ -303,6 +303,7 @@ agent_handle_learn (void *assuan_context) 101, /* trusted */ 102, /* useful */ 100, /* regular */ + /* We don't include 110 here because gpgsm can't handle it. */ -1 /* end of list */ }; diff --git a/agent/trustlist.c b/agent/trustlist.c index 8575aedb0..5c3271ac0 100644 --- a/agent/trustlist.c +++ b/agent/trustlist.c @@ -236,6 +236,22 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag) static char key[41]; int keyflag; char *desc; + char *fname; + + /* Check whether we are at all allowed to modify the trustlist. + This is useful so that the trustlist may be a symlink to a global + trustlist with only admin priviliges to modify it. Of course + this is not a secure way of denying access, but it avoids the + usual clicking on an Okay buttun thing most users are used to. */ + fname = make_filename (opt.homedir, "trustlist.txt", NULL); + rc = access (fname, W_OK); + if (rc && errno != ENOENT) + { + xfree (fname); + return gpg_error (GPG_ERR_EPERM); + } + xfree (fname); + if (trustfp) rewind (trustfp); |