* misc.c (is_secured_filename): New.

* keydb.c (maybe_create_keyring)
* tdbio.c (tdbio_set_dbname)
* plaintext.c (handle_plaintext)
* openfile.c (copy_options_file, open_outfile)
* exec.c (exec_write)
* keygen.c (do_generate_keypair, gen_card_key_with_backup)
* sign.c (sign_file, clearsign_file)
* keyring.c (create_tmp_file, do_copy): Check for secured files
before creating them.

* keygen.c (print_status_key_created): s/unsigned char/byte/ due
to a strange typedef for RISC OS.  Noted by Stefan.

1 files changed, 14 insertions, 2 deletions

diff --git a/g10/sign.c b/g10/sign.c
index b6f67e55c..6a1e4da22 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -768,7 +768,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
     }
 
     if( outfile ) {
-	if( !(out = iobuf_create( outfile )) ) {
+        if (is_secured_filename ( outfile )) {
+            out = NULL;
+            errno = EPERM;
+        }
+        else
+            out = iobuf_create( outfile );
+	if( !out ) {
 	    log_error(_("can't create file `%s': %s\n"),
 		      outfile, strerror(errno) );
 	    rc = G10ERR_CREATE_FILE;
@@ -1019,7 +1025,13 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
     handle_progress (&pfx, inp, fname);
 
     if( outfile ) {
-	if( !(out = iobuf_create( outfile )) ) {
+        if (is_secured_filename (outfile) ) {
+            outfile = NULL;
+            errno = EPERM;
+        }
+        else 
+            out = iobuf_create( outfile );
+	if( !out ) {
 	    log_error(_("can't create file `%s': %s\n"),
 		      outfile, strerror(errno) );
 	    rc = G10ERR_CREATE_FILE;