r13239@catbus: nickm | 2007-06-04 11:30:37 -0400

 Fix the fix for bug 445: set umask properly.  Also use open+fdopen rather than just umask+fopen, and create authority identity key with mode 400.


svn:r10485

2 files changed, 3 insertions, 2 deletions

diff --git a/src/common/crypto.c b/src/common/crypto.c
index d4059e0d75..bcb8a375a8 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -566,7 +566,6 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
   s = tor_malloc(len+1);
   memcpy(s, cp, len);
   s[len]='\0';
-  /* XXXX020 make this file get created with mode 600. */
   r = write_str_to_file(fname, s, 0);
   BIO_free(bio);
   tor_free(s);
diff --git a/src/common/util.c b/src/common/util.c
index 74279cee7a..4c9370945d 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1371,7 +1371,9 @@ check_private_dir(const char *dirname, cpd_check_t check)
 /** Create a file named <b>fname</b> with the contents <b>str</b>.  Overwrite
  * the previous <b>fname</b> if possible.  Return 0 on success, -1 on failure.
  *
- * This function replaces the old file atomically, if possible.
+ * This function replaces the old file atomically, if possible.  This
+ * function, and all other functions in util.c that create files, create them
+ * with mode 0600.
  */
 int
 write_str_to_file(const char *fname, const char *str, int bin)