network: also check the permission of key file

author: Yu Watanabe <watanabe.yu+github@gmail.com> 2019-09-11 11:09:55 +0200
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2019-09-11 14:11:01 +0200
commit: 0bae857564e5189bed600f0a243d96b81b5dcb09 (patch)
tree: c8163aafa869b1673638854b2d8147d8ca30a320 /src/network/netdev/wireguard.c
parent: Merge pull request #13511 from ssahani/networkctl-dhcp (diff)
download: systemd-0bae857564e5189bed600f0a243d96b81b5dcb09.tar.xz
systemd-0bae857564e5189bed600f0a243d96b81b5dcb09.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 913ee2a058..a40b32d148 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -901,6 +901,8 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_
 
         assert(dest);
 
+        (void) warn_file_is_world_accessible(filename, NULL, NULL, 0);
+
         r = read_full_file_full(filename, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64, &key, &key_len);
         if (r < 0)
                 return r;
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2019-09-11 11:09:55 +0200
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2019-09-11 14:11:01 +0200
commit	0bae857564e5189bed600f0a243d96b81b5dcb09 (patch)
tree	c8163aafa869b1673638854b2d8147d8ca30a320 /src/network/netdev/wireguard.c
parent	Merge pull request #13511 from ssahani/networkctl-dhcp (diff)
download	systemd-0bae857564e5189bed600f0a243d96b81b5dcb09.tar.xz systemd-0bae857564e5189bed600f0a243d96b81b5dcb09.zip