[xiph-commits] r12590 - in trunk/ezstream: . src

moritz at svn.xiph.org moritz at svn.xiph.org
Wed Feb 28 07:35:09 PST 2007 

Author: moritz
Date: 2007-02-28 07:35:07 -0800 (Wed, 28 Feb 2007)
New Revision: 12590

Modified:
   trunk/ezstream/configure.in
   trunk/ezstream/src/ezstream.c
Log:
Replace geteuid() check with stat(), and make it an error if the configuration
file is group or world writeable. This is actually what the warning about root
was all about.


Modified: trunk/ezstream/configure.in
===================================================================
--- trunk/ezstream/configure.in	2007-02-28 13:53:58 UTC (rev 12589)
+++ trunk/ezstream/configure.in	2007-02-28 15:35:07 UTC (rev 12590)
@@ -63,7 +63,7 @@
 dnl LIBRARY FUNCTIONS
 
 AC_CHECK_LIB(gen, basename)
-AC_CHECK_FUNCS(arc4random geteuid gettimeofday random srandomdev)
+AC_CHECK_FUNCS(arc4random gettimeofday random srandomdev stat)
 AC_REPLACE_FUNCS(getopt strlcat strlcpy)
 if test x"$ac_cv_header_signal_h" = "xyes"; then
 	AC_CHECK_FUNCS([sigaction], [

Modified: trunk/ezstream/src/ezstream.c
===================================================================
--- trunk/ezstream/src/ezstream.c	2007-02-28 13:53:58 UTC (rev 12589)
+++ trunk/ezstream/src/ezstream.c	2007-02-28 15:35:07 UTC (rev 12590)
@@ -25,6 +25,9 @@
 #ifdef HAVE_SYS_TYPES_H
 # include <sys/types.h>
 #endif
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
 #ifdef HAVE_SYS_TIME_H
 # include <sys/time.h>
 #endif
@@ -825,14 +828,6 @@
 	qFlag = 0;
 	vFlag = 0;
 
-#ifdef HAVE_GETEUID
-	if (geteuid() == 0) {
-		printf("WARNING: You should not run %s as root. It can run other programs, which\n",
-		       __progname);
-		printf("         may cause serious security problems.\n");
-	}
-#endif
-
 	while ((c = getopt(argc, argv, "c:hqv")) != -1) {
 		switch (c) {
 		case 'c':
@@ -870,16 +865,35 @@
 	} else {
 		/*
 		 * Attempt to open configFile here for a more meaningful error
-		 * message.
+		 * message. Where possible, do it with stat() and check for
+		 * safe config file permissions.
 		 */
-		FILE	*tmp;
+#ifdef HAVE_STAT
+		struct stat	  st;
 
+		if (stat(configFile, &st) == -1) {
+			printf("%s: %s\n", configFile, strerror(errno));
+			usage();
+			return (2);
+		}
+		if (vFlag && (st.st_mode & (S_IRGRP | S_IROTH)))
+			printf("%s: Warning: %s is group and/or world readable.\n",
+			       __progname, configFile);
+		if (st.st_mode & (S_IWGRP | S_IWOTH)) {
+			printf("%s: Error: %s is group and/or world writeable.\n",
+			       __progname, configFile);
+			return (2);
+		}
+#else
+		FILE		 *tmp;
+
 		if ((tmp = fopen(configFile, "r")) == NULL) {
 			printf("%s: %s\n", configFile, strerror(errno));
 			usage();
 			return (2);
-		} else
-			fclose(tmp);
+		}
+		fclose(tmp);
+#endif /* HAVE_STAT */
 	}
 
 	if (!parseConfig(configFile))

More information about the commits mailing list