]> git.eshelyaron.com Git - emacs.git/commitdiff
projects / emacs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3b5de7f)
Use restrictive umask when creating image-dired data
authorStefan Kangas <stefan@marxist.se>
Sun, 24 Oct 2021 19:20:16 +0000 (21:20 +0200)
committerStefan Kangas <stefan@marxist.se>
Sun, 24 Oct 2021 19:20:16 +0000 (21:20 +0200)
* lisp/image-dired.el (image-dired-dir)
(image-dired-sane-db-file): Create thumbnail directory and
.image-dired_db with umask 077.  This avoids creating world readable
copies of private data, and is in fact mandated by the Thumbnail
Managing Standard that we aim to support.

lisp/image-dired.el patch | blob | history

diff --git a/lisp/image-dired.el b/lisp/image-dired.el
index 2af0c6654ec9c59c2a6f3e77a50bf723a9143f54..e5fbfcf9278a49bdcf5d47dd7bf8a0ca20c7509e 100644 (file)
--- a/lisp/image-dired.el
+++ b/lisp/image-dired.el
@@ -538,7 +538,8 @@ Create the thumbnails directory if it does not exist."
   (let ((image-dired-dir (file-name-as-directory
                     (expand-file-name image-dired-dir))))
     (unless (file-directory-p image-dired-dir)
-      (make-directory image-dired-dir t)
+      (with-file-modes #o700
+        (make-directory image-dired-dir t))
       (message "Creating thumbnails directory"))
     image-dired-dir))
 
@@ -1070,10 +1071,12 @@ Signal error if there are problems creating it."
       (let (dir buf)
         (unless (file-directory-p (setq dir (file-name-directory
                                              image-dired-db-file)))
-          (make-directory dir t))
+          (with-file-modes #o700
+            (make-directory dir t)))
         (with-current-buffer (setq buf (create-file-buffer
                                         image-dired-db-file))
-          (write-file image-dired-db-file))
+          (with-file-modes #o600
+            (write-file image-dired-db-file)))
         (kill-buffer buf)
         (file-exists-p image-dired-db-file))
       (error "Could not create %s" image-dired-db-file)))
@@ -2515,6 +2518,7 @@ when using per-directory thumbnail file storage"))
     (if (file-exists-p image-dired-gallery-dir)
         (if (not (file-directory-p image-dired-gallery-dir))
             (error "Variable image-dired-gallery-dir is not a directory"))
+      ;; FIXME: Should we set umask to 077 here, as we do for thumbnails?
       (make-directory image-dired-gallery-dir))
     ;; Open index file
     (with-temp-file index-file
Unnamed repository; edit this file 'description' to name the repository.