From 7639f4684a7a9090e246915f71759f31b0e77ab4 Mon Sep 17 00:00:00 2001
From: Klas Lindfors <klas@yubico.com>
Date: Thu, 31 Mar 2016 10:11:44 +0200
Subject: [PATCH] set file permissions when creating a new challenge file

---
 ykpamcfg.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ykpamcfg.c b/ykpamcfg.c
index 29b75c8..8e9dc0c 100644
--- a/ykpamcfg.c
+++ b/ykpamcfg.c
@@ -240,6 +240,11 @@ do_add_hmac_chalresp(YK_KEY *yk, uint8_t slot, bool verbose, char *output_dir, u
   if (! write_chalresp_state (f, &state))
     goto out;
 
+  if (! chmod (fn, S_IRUSR | S_IWUSR)) {
+    fprintf (stderr, "Failed setting permissions on new challenge file %s.\n", fn);
+    goto out;
+  }
+
   printf ("Stored initial challenge and expected response in '%s'.\n", fn);
 
   *exit_code = 0;