aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS5
-rw-r--r--client/file.c5
-rw-r--r--client/wallet.pod15
3 files changed, 22 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index d2f12bd..d8c4e00 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,11 @@ wallet 0.6 (unreleased)
keytab keys into that file rather than moving aside the old keytab and
creating a new keytab with only the new keys.
+ If -f is used and the output file name with ".new" appended already
+ exists, unlink it first and then create it safely rather than
+ truncating it. This is much safer when creating files in a
+ world-writable directory.
+
Support enforcing a naming policy for wallet objects via a Perl
function in the wallet server configuration file.
diff --git a/client/file.c b/client/file.c
index ce25ab5..17f0f23 100644
--- a/client/file.c
+++ b/client/file.c
@@ -26,7 +26,10 @@ overwrite_file(const char *name, const void *data, size_t length)
int fd;
ssize_t status;
- fd = open(name, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+ if (access(name, F_OK) == 0)
+ if (unlink(name) < 0)
+ sysdie("unable to delete existing file %s", name);
+ fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd < 0)
sysdie("open of %s failed", name);
status = write(fd, data, length);
diff --git a/client/wallet.pod b/client/wallet.pod
index 709d4a6..0a6f395 100644
--- a/client/wallet.pod
+++ b/client/wallet.pod
@@ -69,8 +69,19 @@ F<krb5.conf>; see L<CONFIGURATION> below.
This flag is only used in combination with the C<get> command. Rather
than sending the secure data to standard output (the default), store the
-secure data in the file I<output>. Any existing contents of I<output>
-will be destroyed.
+secure data in the file I<output>.
+
+If the object being retrieved is not a keytab object, any current file
+named I<output> is renamed to F<I<outout>.bak> before the new file is
+created. F<I<outout>.new> is used as a temporary file and any existing
+file with that name will be deleted.
+
+If the object being retrieved is a keytab object and the file I<output>
+already exists, the downloaded keys will be added to the existing keytab
+file I<output>. Old keys are not removed; you may wish to run C<kadmin
+ktremove> or an equivalent later to clean up old keys. F<I<output>.new>
+is still used as a temporary file and any existing file with that name
+will be deleted.
=item B<-k> I<principal>
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 17:30:07 +0000