From daa22c6f8da466bd7a438f1bc27375fd737ffcf3 Mon Sep 17 00:00:00 2001
From: Eric Wong
Date: Tue, 6 May 2014 00:17:14 +0000
Subject: config: preserve config file permissions on edits
Users may already store sensitive data such as imap.pass in .git/config; making the file world-readable when "git config" is called to edit means their password would be compromised on a shared system.
[v2: updated for section renames, as noted by Junio]
Signed-off-by: Eric Wong
Signed-off-by: Junio C Hamano
---
 config.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
(limited to 'config.c')
diff --git a/config.c b/config.c
index 314d8ee740..62de69e148 100644
--- a/config.c
+++ b/config.c
@@ -1634,6 +1634,13 @@ int git_config_set_multivar_in_file(const char *config_filename,
 MAP_PRIVATE, in_fd, 0);
 close(in_fd);
+ if (fchmod(fd, st.st_mode & 07777) < 0) {
+ error("fchmod on %s failed: %s",
+ lock->filename, strerror(errno));
+ ret = CONFIG_NO_WRITE;
+ goto out_free;
+ }
+
 if (store.seen == 0)
 store.seen = 1;
@@ -1782,6 +1789,7 @@ int git_config_rename_section_in_file(const char *config_filename,
 int out_fd;
 char buf[1024];
 FILE *config_file;
+ struct stat st;
 if (new_name && !section_name_is_ok(new_name)) {
 ret = error("invalid section name: %s", new_name);
@@ -1803,6 +1811,14 @@ int git_config_rename_section_in_file(const char *config_filename,
 goto unlock_and_out;
 }
+ fstat(fileno(config_file), &st);
+ if (fchmod(out_fd, st.st_mode & 07777) < 0) {
+ ret = error("fchmod on %s failed: %s",
+ lock->filename, strerror(errno));
+ goto out;
+ }
+
 while (fgets(buf, sizeof(buf), config_file)) {
 int i;
 int length;
-- cgit v1.2.3
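Review bot: The mask `07777` in the new `fchmod(fd, st.st_mode & 07777)` in git_config_set_multivar_in_file also copies the setuid, setgid and sticky bits onto the rewritten config file, which a plain data file probably has no use for; `st.st_mode & 0777` would carry over only the read/write/execute permissions the commit message is concerned with. The call appears to sit before the new contents are written (the writes are outside the hunk), and that ordering is what keeps a secret such as imap.pass out of a wider-mode file, so it deserves a comment such as `/* narrow the lock file to the old mode before anything is written to it */`. `st` is filled in outside this hunk, so whether that earlier stat call is checked cannot be seen here.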
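Review bot: The return value of `fstat(fileno(config_file), &st)` in git_config_rename_section_in_file is ignored, so if it fails the following `fchmod(out_fd, st.st_mode & 07777)` applies whatever is in the uninitialized `st`, and the new config file could end up with wider permissions than the old one. Check it with `if (fstat(fileno(config_file), &st) < 0)` and take the same `ret = error(...)` and `goto out;` path as the fchmod failure. That path jumps to `out`, whereas the earlier failure in the context lines uses `unlock_and_out`; both labels are outside the hunk, so it is worth confirming that `out` closes `config_file` and discards the lock file.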