From f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea Mon Sep 17 00:00:00 2001
From: Seth Vidal <skvidal@fedoraproject.org>
Date: Thu, 27 Sep 2007 12:33:06 -0400
Subject: - certs.py: write keys out as mode 600 - make sure we setup the
 config dict immediately in config_data - clean up our config, pki and var
 dirs on removal

---
 func/certs.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'func')

diff --git a/func/certs.py b/func/certs.py
index bf624a2..6e3a025 100644
--- a/func/certs.py
+++ b/func/certs.py
@@ -29,9 +29,9 @@ def make_keypair(dest=None):
     pkey = crypto.PKey()
     pkey.generate_key(crypto.TYPE_RSA, 2048)
     if dest:
-        destfo = open(dest, 'w')
-        destfo.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
-        destfo.close()
+        destfd = os.open(dest, os.O_RDWR|os.O_CREAT, 0600)
+        os.write(destfd, (crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)))
+        os.close(destfd)
     
     return pkey
 
-- 
cgit