Diffstat (limited to '')
-rwxr-xr-x | src/password-store.sh | 15 | ||||
-rw-r--r-- | src/platform/darwin.sh | 20 |
2 files changed, 20 insertions, 15 deletions
diff --git a/src/password-store.sh b/src/password-store.sh
index 8c6c9c5..dfd59fe 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -163,11 +163,16 @@ clip() {
 echo "Copied $2 to clipboard. Will clear in $CLIP_TIME seconds."
 }
 tmpdir() {
+ [[ -n $SECURE_TMPDIR ]] && return
 local warn=1
 [[ $1 == "nowarn" ]] && warn=0
 local template="$PROGRAM.XXXXXXXXXXXXX"
 if [[ -d /dev/shm && -w /dev/shm && -x /dev/shm ]]; then
 SECURE_TMPDIR="$(TMPDIR=/dev/shm mktemp -d -t "$template")"
+ remove_tmpfile() {
+ rm -rf "$SECURE_TMPDIR"
+ }
+ trap remove_tmpfile INT TERM EXIT
 else
 [[ $warn -eq 1 ]] && yesno "$(cat <<-_EOF
 Your system does not have /dev/shm, which means that it may
@@ -178,6 +183,11 @@ tmpdir() {
 _EOF
 )"
 SECURE_TMPDIR="$(mktemp -d -t "$template")"
+ shred_tmpfile() {
+ find "$SECURE_TMPDIR" -type f -exec $SHRED {} +
+ rm -rf "$SECURE_TMPDIR"
+ }
+ trap shred_tmpfile INT TERM EXIT
 fi
 }
@@ -413,11 +423,6 @@ cmd_edit() {
 tmpdir #Defines $SECURE_TMPDIR
 local tmp_file="$(TMPDIR="$SECURE_TMPDIR" mktemp -t "$template")"
- eval "shred_tmpfile() {
- $SHRED '$tmp_file'
- rm -rf '$SECURE_TMPDIR' '$tmp_file'
- }"
- trap shred_tmpfile INT TERM EXIT
 local action="Add"
diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh
index 1b76c33..24bd048 100644
--- a/src/platform/darwin.sh
+++ b/src/platform/darwin.sh
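Review bot: The new guard `[[ -n $SECURE_TMPDIR ]] && return` at the top of tmpdir() in src/password-store.sh treats any non-empty SECURE_TMPDIR as a directory this process created, but nothing visible in the hunk clears the variable first. A value inherited from the environment would therefore skip both mktemp and the cleanup trap, and later plaintext would land in a location that is neither under /dev/shm nor removed on exit. Unless the script already resets it outside this hunk, add `unset SECURE_TMPDIR` before the first call, or guard on a separate non-exported flag. The same guard is added to tmpdir() in src/platform/darwin.sh, and tmpdir()'s body continues past this hunk.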
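Review bot: In the fallback branch of tmpdir() (second hunk of src/password-store.sh), `SECURE_TMPDIR="$(mktemp -d -t "$template")"` is not checked before `trap shred_tmpfile INT TERM EXIT` is installed. If mktemp fails, the variable is empty, so `find "$SECURE_TMPDIR"` in shred_tmpfile has nothing to shred, while callers such as cmd_edit presumably still run their own mktemp with an empty TMPDIR. This is the on-disk path, where an unshredded plaintext file matters most, so fail closed with `SECURE_TMPDIR="$(mktemp -d -t "$template")" || die "Error: could not create temporary directory."` (die is what the darwin.sh part of this commit uses). The /dev/shm assignment in the previous hunk is unchecked in the same way. A short comment above shred_tmpfile saying that `$SHRED` is left unquoted on purpose, if it carries options, would also help the next reader.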
@@ -16,19 +16,19 @@ clip() {
 }
 tmpdir() {
- cleanup_tmp() {
- [[ -d $SECURE_TMPDIR ]] || return
- rm -rf "$tmp_file" "$SECURE_TMPDIR" 2>/dev/null
+ [[ -n $SECURE_TMPDIR ]] && return
+ unmount_tmpdir() {
+ [[ -n $SECURE_TMPDIR && -d $SECURE_TMPDIR && -n $DARWIN_RAMDISK_DEV ]] || return
 umount "$SECURE_TMPDIR"
- diskutil quiet eject "$ramdisk_dev"
- rmdir "$SECURE_TMPDIR"
+ diskutil quiet eject "$DARWIN_RAMDISK_DEV"
+ rm -rf "$SECURE_TMPDIR"
 }
- trap cleanup_tmp INT TERM EXIT
+ trap unmount_tmpdir INT TERM EXIT
 SECURE_TMPDIR="$(mktemp -t "$template" -d)"
- local ramdisk_dev="$(hdid -drivekey system-image=yes -nomount 'ram://32768' | cut -d ' ' -f 1)" # 32768 sectors = 16 mb
- [[ -z $ramdisk_dev ]] && exit 1
- newfs_hfs -M 700 "$ramdisk_dev" &>/dev/null || exit 1
- mount -t hfs -o noatime -o nobrowse "$ramdisk_dev" "$SECURE_TMPDIR" || exit 1
+ DARWIN_RAMDISK_DEV="$(hdid -drivekey system-image=yes -nomount 'ram://32768' | cut -d ' ' -f 1)" # 32768 sectors = 16 mb
+ [[ -z $DARWIN_RAMDISK_DEV ]] && die "Error: could not create ramdisk."
+ newfs_hfs -M 700 "$DARWIN_RAMDISK_DEV" &>/dev/null || die "Error: could not create filesystem on ramdisk."
+ mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk."
 }
 GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || echo /usr/local)/bin/getopt" |
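Review bot: The single guard in unmount_tmpdir, `[[ -n $SECURE_TMPDIR && -d $SECURE_TMPDIR && -n $DARWIN_RAMDISK_DEV ]] || return`, skips every cleanup step when either value is missing, so the new die paths can leave state behind (assuming die exits and the EXIT trap then runs). If hdid fails, the directory created by mktemp is never removed; if mktemp fails, the attached ramdisk is never ejected. Guard each step on its own variable instead, e.g. `[[ -n $DARWIN_RAMDISK_DEV ]] && diskutil quiet eject "$DARWIN_RAMDISK_DEV"` and `[[ -d $SECURE_TMPDIR ]] && rm -rf "$SECURE_TMPDIR"`. Separately, `mktemp -t "$template" -d` uses a `template` that this function does not define, unlike tmpdir() in src/password-store.sh, so it appears to rely on the caller's local. Defining it here or adding a comment would make that dependency explicit.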