[elbe-devel] [PATCH] elbepack: egpg: create gpg director with tighter restrictions
Thomas Weißschuh
thomas.weissschuh at linutronix.de
Wed Aug 21 11:39:11 CEST 2024
If the gpg directory has overly broad persmissions, gpg will emit
warnings. Avoid those.
Signed-off-by: Thomas Weißschuh <thomas.weissschuh at linutronix.de>
---
elbepack/egpg.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/elbepack/egpg.py b/elbepack/egpg.py
index c995b2c70fc2..2a5e32fdebea 100644
--- a/elbepack/egpg.py
+++ b/elbepack/egpg.py
@@ -269,7 +269,7 @@ EOT = 4294967295
def generate_elbe_internal_key():
gpg_agent_conf = pathlib.Path('/var/cache/elbe/gnupg/gpg-agent.conf')
- gpg_agent_conf.parent.mkdir(mode=0o755, parents=True, exist_ok=True)
+ gpg_agent_conf.parent.mkdir(mode=0o700, parents=True, exist_ok=True)
gpg_agent_conf.write_text('allow-preset-passphrase\n'
f'default-cache-ttl {EOT}\n'
f'max-cache-ttl {EOT}\n')
---
base-commit: b9c9ecd45b95a8c53c2e9e19c4379e3e87c7983d
change-id: 20240821-gpg-warning-de554404b18a
Best regards,
--
Thomas Weißschuh <thomas.weissschuh at linutronix.de>
More information about the elbe-devel
mailing list