From: Paul Eggert Date: Thu, 29 Dec 2011 22:08:29 +0000 (-0800) Subject: * epg.el (epg--make-temp-file): Avoid permission race conditions X-Git-Tag: emacs-pretest-24.0.93~97^2~56 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=dbf17d8b483f08f9506c19ef95e894fca62b8ec7;p=emacs.git * epg.el (epg--make-temp-file): Avoid permission race conditions when creating temporary directories and files on older Emacs. --- diff --git a/lisp/ChangeLog b/lisp/ChangeLog index 2c1d59d45a5..ba05002cc69 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog @@ -1,5 +1,8 @@ 2011-12-29 Paul Eggert + * epg.el (epg--make-temp-file): Avoid permission race conditions + when creating temporary directories and files on older Emacs. + * files.el (move-file-to-trash): Preserve default file modes on error. (Bug#10401) diff --git a/lisp/epg.el b/lisp/epg.el index 133e76da96c..8e784257d54 100644 --- a/lisp/epg.el +++ b/lisp/epg.el @@ -1951,14 +1951,16 @@ The returned file name (created by appending some random characters at the end of PREFIX, and expanding against `temporary-file-directory' if necessary), is guaranteed to point to a newly created empty file. You can then use `write-region' to write new data into the file." - (let (tempdir tempfile) + (let (tempdir tempfile orig-modes) (setq prefix (expand-file-name prefix (if (featurep 'xemacs) (temp-directory) temporary-file-directory))) + (setq orig-modes (default-file-modes)) (unwind-protect (let (file) ;; First, create a temporary directory. + (set-default-file-modes #o700) (while (condition-case () (progn (setq tempdir (make-temp-name @@ -1969,14 +1971,12 @@ You can then use `write-region' to write new data into the file." (make-directory tempdir)) ;; let's try again. (file-already-exists t))) - (set-file-modes tempdir 448) ;; Second, create a temporary file in the tempdir. ;; There *is* a race condition between `make-temp-name' ;; and `write-region', but we don't care it since we are ;; in a private directory now. (setq tempfile (make-temp-name (concat tempdir "/EMU"))) (write-region "" nil tempfile nil 'silent) - (set-file-modes tempfile 384) ;; Finally, make a hard-link from the tempfile. (while (condition-case () (progn @@ -1986,6 +1986,7 @@ You can then use `write-region' to write new data into the file." ;; let's try again. (file-already-exists t))) file) + (set-default-file-modes orig-modes) ;; Cleanup the tempfile. (and tempfile (file-exists-p tempfile)