From 151ca81f1a5a03ae83d9c14ab7748a2d3c09919e Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 13 Oct 2004 18:10:06 +0000
Subject: Added SELInux hacks and did some cleanups.

---
 g10/plaintext.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'g10/plaintext.c')

diff --git a/g10/plaintext.c b/g10/plaintext.c
index 8918d199c..8b782add7 100644
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@@ -446,6 +446,12 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
 		goto leave;
 	    }
 	    fp = iobuf_open(answer);
+            if (fp && is_secured_file (iobuf_get_fd (fp)))
+              {
+                iobuf_close (fp);
+                fp = NULL;
+                errno = EPERM;
+              }
 	    if( !fp && errno == ENOENT ) {
 		tty_printf("No such file, try again or hit enter to quit.\n");
 		any++;
@@ -501,6 +507,12 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
 
     for (sl=files; sl; sl = sl->next ) {
 	fp = iobuf_open( sl->d );
+        if (fp && is_secured_file (iobuf_get_fd (fp)))
+          {
+            iobuf_close (fp);
+            fp = NULL;
+            errno = EPERM;
+          }
 	if( !fp ) {
 	    log_error(_("can't open signed data `%s'\n"),
 						print_fname_stdin(sl->d));
-- 
cgit