From 34ea2242900ba7e3004413c17ed424c6b376bf1b Mon Sep 17 00:00:00 2001
From: Roman Zeyde <roman.zeyde@gmail.com>
Date: Tue, 20 Feb 2018 21:21:45 +0200
Subject: [PATCH] gpg: the scripts should be only user-readable

---
 libagent/gpg/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libagent/gpg/__init__.py b/libagent/gpg/__init__.py
index 351b7da..fa5091a 100644
--- a/libagent/gpg/__init__.py
+++ b/libagent/gpg/__init__.py
@@ -138,7 +138,7 @@ def run_init(device_type, args):
 export PATH={0}
 {1} $*
 """.format(os.environ['PATH'], agent_path))
-    check_call(['chmod', 'u+x', f.name])
+    check_call(['chmod', '700', f.name])
     run_agent_script = f.name
 
     # Prepare GPG configuration file
@@ -169,7 +169,7 @@ else
     ${{COMMAND}}
 fi
 """.format(homedir))
-    check_call(['chmod', 'u+x', f.name])
+    check_call(['chmod', '700', f.name])
 
     # Generate new GPG identity and import into GPG keyring
     pubkey = write_file(os.path.join(homedir, 'pubkey.asc'),