From 6ae62c952be82c37f4e96414539c3b4e651186ed Mon Sep 17 00:00:00 2001 From: Mehdi Zerouali Date: Wed, 2 Oct 2019 11:16:34 +1000 Subject: [PATCH] Change private key file permissions (#551) * Import the libc crate for file permission management * Tighten permissions on key file * Fix code to match style guidelines --- validator_client/Cargo.toml | 1 + validator_client/src/config.rs | 4 ++++ validator_client/src/lib.rs | 1 + 3 files changed, 6 insertions(+) diff --git a/validator_client/Cargo.toml b/validator_client/Cargo.toml index f6961cba87..dcadf3b478 100644 --- a/validator_client/Cargo.toml +++ b/validator_client/Cargo.toml @@ -38,3 +38,4 @@ bincode = "^1.1.2" futures = "0.1.25" dirs = "2.0.1" logging = { path = "../eth2/utils/logging" } +libc = "0.2" diff --git a/validator_client/src/config.rs b/validator_client/src/config.rs index d1d04722bc..d56487616a 100644 --- a/validator_client/src/config.rs +++ b/validator_client/src/config.rs @@ -261,12 +261,16 @@ impl Config { /// Saves a keypair to a file inside the appropriate validator directory. Returns the saved path filename. #[allow(dead_code)] pub fn save_key(&self, key: &Keypair) -> Result { + use std::os::unix::fs::PermissionsExt; let validator_config_path = self.data_dir.join(key.identifier()); let key_path = validator_config_path.join(DEFAULT_PRIVATE_KEY_FILENAME); fs::create_dir_all(&validator_config_path)?; let mut key_file = File::create(&key_path)?; + let mut perm = key_file.metadata()?.permissions(); + perm.set_mode((libc::S_IWUSR | libc::S_IRUSR) as u32); + key_file.set_permissions(perm)?; bincode::serialize_into(&mut key_file, &key) .map_err(|e| Error::new(ErrorKind::InvalidData, e))?; diff --git a/validator_client/src/lib.rs b/validator_client/src/lib.rs index 470a070e87..fc08d6a123 100644 --- a/validator_client/src/lib.rs +++ b/validator_client/src/lib.rs @@ -1,3 +1,4 @@ +extern crate libc; pub mod config; pub use crate::config::Config;