Added SELInux hacks and did some cleanups.

author: Werner Koch <[email protected]> 2004-10-13 18:10:06 +0000
committer: Werner Koch <[email protected]> 2004-10-13 18:10:06 +0000
commit: 151ca81f1a5a03ae83d9c14ab7748a2d3c09919e (patch)
tree: 38cc8933051a1e45cd3e95cd8cc66746290f7e31 /g10/openfile.c
parent: Add dearmor.c (diff)
download: gnupg-151ca81f1a5a03ae83d9c14ab7748a2d3c09919e.tar.gz
gnupg-151ca81f1a5a03ae83d9c14ab7748a2d3c09919e.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/g10/openfile.c b/g10/openfile.c
index 3f52b613b..9c305a2f2 100644
--- a/g10/openfile.c
+++ b/g10/openfile.c
@@ -278,6 +278,12 @@ open_sigfile( const char *iname, progress_filter_context_t *pfx )
 	    buf = m_strdup(iname);
 	    buf[len-(buf[len-1]=='n'?5:4)] = 0 ;
 	    a = iobuf_open( buf );
+            if (a && is_secured_file (iobuf_get_fd (a)))
+              {
+                iobuf_close (a);
+                a = NULL;
+                errno = EPERM;
+              }
 	    if( a && opt.verbose )
 		log_info(_("assuming signed data in `%s'\n"), buf );
 	    if (a && pfx)
@@ -309,6 +315,12 @@ copy_options_file( const char *destdir )
     fname = m_alloc( strlen(datadir) + strlen(destdir) + 15 );
     strcpy(stpcpy(fname, datadir), DIRSEP_S "options" SKELEXT );
     src = fopen( fname, "r" );
+    if (src && is_secured_file (fileno (src)))
+      {
+        fclose (src);
+        src = NULL;
+        errno = EPERM;
+      }
     if( !src ) {
 	log_error(_("%s: can't open: %s\n"), fname, strerror(errno) );
 	m_free(fname);
author	Werner Koch <[email protected]>	2004-10-13 18:10:06 +0000
committer	Werner Koch <[email protected]>	2004-10-13 18:10:06 +0000
commit	151ca81f1a5a03ae83d9c14ab7748a2d3c09919e (patch)
tree	38cc8933051a1e45cd3e95cd8cc66746290f7e31 /g10/openfile.c
parent	Add dearmor.c (diff)
download	gnupg-151ca81f1a5a03ae83d9c14ab7748a2d3c09919e.tar.gz gnupg-151ca81f1a5a03ae83d9c14ab7748a2d3c09919e.zip