Contents of /trunk/ddclient/patches/ddclient-3.7.0-reasonable-security.patch
Parent Directory | Revision Log
Revision 144 -
(show annotations)
(download)
Tue May 8 20:06:05 2007 UTC (17 years, 4 months ago) by niro
File size: 858 byte(s)
Tue May 8 20:06:05 2007 UTC (17 years, 4 months ago) by niro
File size: 858 byte(s)
-import
1 | --- ddclient 2006-04-11 10:14:16.000000000 +0100 |
2 | +++ ddclient 2006-04-11 20:31:14.000000000 +0100 |
3 | @@ -776,15 +776,10 @@ |
4 | # fatal("Cannot open file '%s'. ($!)", $file); |
5 | warning("Cannot open file '%s'. ($!)", $file); |
6 | } |
7 | - # Check for only owner has any access to config file |
8 | + # Guard against world-readability of config file |
9 | my ($dev, $ino, $mode, @statrest) = stat(FD); |
10 | - if ($mode & 077) { |
11 | - if (-f FD && (chmod 0600, $file)) { |
12 | - warning("file $file must be accessible only by its owner (fixed)."); |
13 | - } else { |
14 | - # fatal("file $file must be accessible only by its owner."); |
15 | - warning("file $file must be accessible only by its owner."); |
16 | - } |
17 | + if ($mode & 007) { |
18 | + fatal("Must not be world-accessible\nchange its permissions using e.g.\nchmod 640", $file); |
19 | } |
20 | |
21 | local $lineno = 0; |