Set permissions of saved attachments to be private to the current user #6363

Merged
droidmonkey merged 2 commits into keepassxreboot:develop from stefansundin:attachments-permissions
May 13, 2021

@stefansundin
Contributor

I sometimes want to export an SSH key from a database and use it without having KeePassXC running (I mostly use the SSH agent integration, but in certain cases I want the key outside of the database).

But what happens in that case is that I get this warning:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

So I run chmod 600 on the file and then continue on with my day.

But I think it would be appropriate if KeePassXC did this for me. After all, you may have things more sensitive than an SSH key and it is best if KeePassXC does whatever it can to keep those things private.

I wanted file.setPermissions to be run before file.write so that the permissions are set before the contents are written. But this would mean that an error would appear if you can't set the permissions for some reason, but I don't know if this is even a possible scenario.

Testing strategy

I compiled KeePassXC and exported files and made sure that the permission bits are set as expected.

$ ls -l id_rsa
-rw-------  1 stefan staff       1294 Apr  1 18:42  id_rsa

Type of change

  • ✅ New feature (change that adds functionality)

P.S.

The page https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Linux says that libqt5x11extras5-dev is an optional dependency, but it appears to be required now. If that's intended then the page should be updated.
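
The ordering raised in the description above (restrict the permissions first, write the contents second), as an added example that is not part of this pull request or of KeePassXC's code; it uses plain POSIX calls rather than Qt's `QFile`. `savePrivate` and `modeOf` are hypothetical names, and the early return after `fchmod` is the path taken when permissions cannot be set, for instance on an existing file owned by another user.

```cpp
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <cerrno>
#include <string>

// Hypothetical helper (not KeePassXC code): write `data` to `path` so the file
// is owner read/write only (0600) before any byte of content lands in it.
// Returns 0 on success, or the errno value of the step that failed.
int savePrivate(const std::string& path, const std::string& data)
{
    // 0600 at creation: the umask can only clear bits, never add group/other.
    // O_NOFOLLOW refuses a symlink sitting at the destination path.
    int fd = ::open(path.c_str(), O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return errno;
    // open() ignores the mode argument when the file already exists, so tighten
    // an existing file explicitly, and only then discard its old contents.
    if (::fchmod(fd, S_IRUSR | S_IWUSR) != 0 || ::ftruncate(fd, 0) != 0) {
        int err = errno;
        ::close(fd);
        return err; // nothing was written under loose permissions
    }
    size_t off = 0;
    while (off < data.size()) {
        ssize_t n = ::write(fd, data.data() + off, data.size() - off);
        if (n < 0 && errno == EINTR) continue; // interrupted, retry
        if (n < 0) {
            int err = errno;
            ::close(fd);
            return err;
        }
        off += static_cast<size_t>(n);
    }
    return ::close(fd) == 0 ? 0 : errno;
}

// Permission bits of `path` (for example 0600), or -1 if it cannot be stat'ed.
int modeOf(const std::string& path)
{
    struct stat st;
    return ::stat(path.c_str(), &st) == 0 ? static_cast<int>(st.st_mode & 07777) : -1;
}

int main(int argc, char** argv)
{
    // Usage: ./a.out <path>  (writes a constructed placeholder payload)
    return argc == 2 ? savePrivate(argv[1], "constructed sample data\n") : 2;
}
```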

Contributor

@xvallspl xvallspl left a comment

Please run clang-format / make format on it.

@droidmonkey droidmonkey modified the milestones: v2.7.0, v2.6.5 May 13, 2021
@droidmonkey droidmonkey merged commit ee92b98 into keepassxreboot:develop May 13, 2021
pull bot pushed a commit to NeatNerdPrime/keepassxc that referenced this pull request May 13, 2021
pull bot pushed a commit to iloeng/keepassxc that referenced this pull request May 13, 2021
pull bot pushed a commit to SammyEnigma/keepassxc that referenced this pull request May 13, 2021
droidmonkey added a commit that referenced this pull request Jun 8, 2021
Added

- Show search bar when toolbar is hidden or in overflow [#6279]
- Show countdown for clipboard clearing in status bar [#6333]
- Command line option to lock all open databases [#6511]
- Allow CSV import of bare TOTP secrets [#6211]
- Retain file creation time when saving database [#6576]
- Set permissions of saved attachments to be private to the current user [#6363]
- OPVault: Use Text instead of Name for attribute names [#6334]

Changed

- Reports: Allow resizing of reports columns [#6435]
- Reports: Toggle showing expired entries [#6534]
- Save Always on Top setting [#6236]
- Password generator can exclude additional lookalike characters (6/G, 8/B) [#6196]

Fixed

- Allow setting MSI properties in unattended install [#6196]
- Update MainWindow minimum size to enable smaller vertical space [#6196]
- Use application font size when setting default or monospace fonts [#6332]
- Fix notes not clearing in entry preview panel in some cases [#6481]
- macOS: Correct window activation when restoring from tray [#6575]
- macOS: Better handling of minimize after unlock when using browser integration [#6338]
- Linux: Start after the system tray is available on LXQt [#6216]
- Linux: Allow selection of modal dialogs on X11 in Auto-Type [#6204]
- KeeShare: prevent crash when file extension is missing [#6174]
aswild added a commit to aswild/keepassxc that referenced this pull request Jun 15, 2021
Release 2.6.5

Added

- Show search bar when toolbar is hidden or in overflow [keepassxreboot#6279]
- Show countdown for clipboard clearing in status bar [keepassxreboot#6333]
- Command line option to lock all open databases [keepassxreboot#6511]
- Allow CSV import of bare TOTP secrets [keepassxreboot#6211]
- Retain file creation time when saving database [keepassxreboot#6576]
- Set permissions of saved attachments to be private to the current user [keepassxreboot#6363]
- OPVault: Use Text instead of Name for attribute names [keepassxreboot#6334]

Changed

- Reports: Allow resizing of reports columns [keepassxreboot#6435]
- Reports: Toggle showing expired entries [keepassxreboot#6534]
- Save Always on Top setting [keepassxreboot#6236]
- Password generator can exclude additional lookalike characters (6/G, 8/B) [keepassxreboot#6196]

Fixed

- Allow setting MSI properties in unattended install [keepassxreboot#6196]
- Update MainWindow minimum size to enable smaller vertical space [keepassxreboot#6196]
- Use application font size when setting default or monospace fonts [keepassxreboot#6332]
- Fix notes not clearing in entry preview panel in some cases [keepassxreboot#6481]
- macOS: Correct window activation when restoring from tray [keepassxreboot#6575]
- macOS: Better handling of minimize after unlock when using browser integration [keepassxreboot#6338]
- Linux: Start after the system tray is available on LXQt [keepassxreboot#6216]
- Linux: Allow selection of modal dialogs on X11 in Auto-Type [keepassxreboot#6204]
- KeeShare: prevent crash when file extension is missing [keepassxreboot#6174]

Release 2.6.6

Fixed

- Fix focusing search when pressing hotkey [keepassxreboot#6603]
- Trim whitespace from TOTP key input prior to processing [keepassxreboot#6604]
- Fix building on macOS [keepassxreboot#6598]
- Resolve compiler warnings for unused return values [keepassxreboot#6607]