[Patch] Prints a warning if directory mode is wrong

Lefteris Chatzibarbas lefcha at hol.gr
Sat May 19 17:00:02 CEST 2001 

Hi,

Here's a patch that checks the permissions of GNUPG_HOMEDIR and prints a
warning if they are not 700.
-------------- next part --------------
diff -urN gnupg-1.0.5/g10/g10.c gnupg/g10/g10.c
--- gnupg-1.0.5/g10/g10.c	Tue Mar 27 17:53:39 2001
+++ gnupg/g10/g10.c	Thu May 17 16:27:15 2001
@@ -661,6 +661,9 @@
 	opt.homedir = GNUPG_HOMEDIR;
     }
 
+    /* check homedir permissions */
+    check_dir_perms(make_filename(opt.homedir, NULL));
+
     /* check whether we have a config file on the commandline */
     orig_argc = argc;
     orig_argv = argv;
diff -urN gnupg-1.0.5/include/util.h gnupg/include/util.h
--- gnupg-1.0.5/include/util.h	Sat Apr 28 20:51:57 2001
+++ gnupg/include/util.h	Thu May 17 15:12:39 2001
@@ -145,7 +145,7 @@
 int compare_filenames( const char *a, const char *b );
 const char *print_fname_stdin( const char *s );
 const char *print_fname_stdout( const char *s );
-
+int check_dir_perms(const char *dname);
 
 /*-- miscutil.c --*/
 u32 make_timestamp(void);
diff -urN gnupg-1.0.5/util/fileutil.c gnupg/util/fileutil.c
--- gnupg-1.0.5/util/fileutil.c	Sun Apr 29 16:26:37 2001
+++ gnupg/util/fileutil.c	Thu May 17 16:26:18 2001
@@ -25,6 +25,9 @@
 #include <string.h>
 #include <assert.h>
 #include <unistd.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 #include "util.h"
 #include "memory.h"
 #include "ttyio.h"
@@ -155,4 +158,32 @@
     return s;
 }
 
+/*
+ * Check homedir permissions and print a warning if improperly set.
+ */
+int check_dir_perms(const char *dname)
+{
+    struct stat dstat;
+
+    if (access(dname, F_OK))
+	return 0;
+
+    if (stat(dname, &dstat)) {
+        log_error("could not get dir %s status: %s\n", dname, strerror(errno));
+        return -2;
+    }
+
+    if (!S_ISDIR(dstat.st_mode)) {
+        log_error("file %s is not a directory\n", dname);
+        return -2;
+    }
+
+    if ((dstat.st_mode & 00777) != (S_IRUSR | S_IWUSR | S_IXUSR)) {
+        log_info("Warning: bad dir %s permissions %o, should be 700\n", 
+		dname, (dstat.st_mode & 00777));
+        return -1;
+    }
+
+    return 0;
+}

More information about the Gnupg-devel mailing list