emacs-elpa-diffs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[elpa] master dcc9ba0 11/11: Set file modes of pinentry socket for extra

From: Nicolas Petton
Subject: [elpa] master dcc9ba0 11/11: Set file modes of pinentry socket for extra safety
Date: Tue, 16 Jan 2018 08:01:46 -0500 (EST) 
branch: master
commit dcc9ba03252ee5d39e03bba31b420e0708c3ba0c
Author: Daiki Ueno <address@hidden>
Commit: Nicolas Petton <address@hidden>

    Set file modes of pinentry socket for extra safety
    
    * pinentry.el: Require 'cl-lib for `cl-letf'.
    (pinentry-start): Change the file modes of the socket file to 0700.
    This is just for extra safety since the parent directory is already
    protected with `server-ensure-safe-dir'.
---
 packages/pinentry/pinentry.el | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/packages/pinentry/pinentry.el b/packages/pinentry/pinentry.el
index d7dca4a..50ea614 100644
--- a/packages/pinentry/pinentry.el
+++ b/packages/pinentry/pinentry.el
@@ -49,6 +49,8 @@
 
 ;;; Code:
 
+(eval-when-compile (require 'cl-lib))
+
 (defgroup pinentry nil
   "The Pinentry server"
   :version "25.1"
@@ -172,17 +174,18 @@ will not be shown."
       (ignore-errors
         (let (delete-by-moving-to-trash)
           (delete-file server-file)))
-      (setq pinentry--server-process
-            (make-network-process
-             :name "pinentry"
-             :server t
-             :noquery t
-             :sentinel #'pinentry--process-sentinel
-             :filter #'pinentry--process-filter
-             :coding 'no-conversion
-             :family 'local
-             :service server-file))
-      (process-put pinentry--server-process :server-file server-file))))
+      (cl-letf (((default-file-modes) ?\700))
+        (setq pinentry--server-process
+              (make-network-process
+               :name "pinentry"
+               :server t
+               :noquery t
+               :sentinel #'pinentry--process-sentinel
+               :filter #'pinentry--process-filter
+               :coding 'no-conversion
+               :family 'local
+               :service server-file))
+        (process-put pinentry--server-process :server-file server-file)))))
 
 (defun pinentry-stop ()
   "Stop a Pinentry service."
reply via email to
[Prev in Thread] Current Thread [Next in Thread]