diff options
Diffstat (limited to 'src/shared/util.c')
| -rw-r--r-- | src/shared/util.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/shared/util.c b/src/shared/util.c index aae587243e..f76ed6f563 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -6132,3 +6132,21 @@ int open_tmpfile(const char *path, int flags) { unlink(p); return fd; } + +int fd_warn_permissions(const char *path, int fd) { + struct stat st; + + if (fstat(fd, &st) < 0) + return -errno; + + if (st.st_mode & 0111) + log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path); + + if (st.st_mode & 0002) + log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path); + + if (getpid() == 1 && (st.st_mode & 0044) != 0044) + log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path); + + return 0; +} |