diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2019-04-07 20:48:30 +0200 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2019-04-09 08:50:22 +0200 |
| commit | 7a309a8c63a5b090f093e561dadc47b576afa569 (patch) | |
| tree | 804c26d8f10e420fff81f90900a4d169a6a7d7bb /src/basic/fileio.c | |
| parent | util: introduce READ_FULL_FILE_SECURE flag for reading secure data (diff) | |
| download | systemd-7a309a8c63a5b090f093e561dadc47b576afa569.tar.xz systemd-7a309a8c63a5b090f093e561dadc47b576afa569.zip | |
fileio: introduce warn_file_is_world_accessible()
Diffstat (limited to 'src/basic/fileio.c')
| -rw-r--r-- | src/basic/fileio.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/src/basic/fileio.c b/src/basic/fileio.c index 028e81cf96..7196516b9e 100644 --- a/src/basic/fileio.c +++ b/src/basic/fileio.c @@ -843,3 +843,28 @@ int safe_fgetc(FILE *f, char *ret) { return 1; } + +int warn_file_is_world_accessible(const char *filename, struct stat *st, const char *unit, unsigned line) { + struct stat _st; + + if (!filename) + return 0; + + if (!st) { + if (stat(filename, &_st) < 0) + return -errno; + st = &_st; + } + + if ((st->st_mode & S_IRWXO) == 0) + return 0; + + if (unit) + log_syntax(unit, LOG_WARNING, filename, line, 0, + "%s has %04o mode that is too permissive, please adjust the access mode.", + filename, st->st_mode & 07777); + else + log_warning("%s has %04o mode that is too permissive, please adjust the access mode.", + filename, st->st_mode & 07777); + return 0; +} |