#
#
# patch "key_store.cc"
#  from [70b97a9e2a06654ec641a1709c2a875cdfa603d5]
#    to [fda46d5fa8a5b2a52421c1f83413a208e2c6401f]
#
============================================================
--- key_store.cc	70b97a9e2a06654ec641a1709c2a875cdfa603d5
+++ key_store.cc	fda46d5fa8a5b2a52421c1f83413a208e2c6401f
@@ -1,4 +1,5 @@
 #include <sstream>
+#include <sys/stat.h>
 
 #include "key_store.hh"
 #include "file_io.hh"
@@ -210,8 +211,12 @@ key_store::write_key(rsa_keypair_id cons
   data dat(oss.str());
   system_path file;
   get_key_file(ident, file);
+
+  // set a restrictive umask, write the file and reset umask
+  mode_t mask = umask(S_IRWXG|S_IRWXO);
   L(FL("writing key '%s' to file '%s' in dir '%s'") % ident % file % key_dir);
   write_data(file, dat, key_dir);
+  umask(mask);
 }
 
 bool