suggest config file permissions

3 years ago · 720f956267
parent 9c6f7703dc
commit 720f956267
2 changed files with 7 additions and 3 deletions
--- a/us.c
+++ b/us.c
@ -741,7 +741,8 @@ static int get_config(struct config **conf, int *num)
 		die("config file must be a regular file");
 	if (st.st_mode & S_IRWXO || st.st_mode & S_IROTH ||
 	    st.st_mode & S_IWOTH || st.st_mode & S_IXOTH)
-	    	die("others may not modify, read or execute config file");
+	    	die("others may not modify, read or execute config file\n"
+	    	    "suggested permissions for the config file: 660");
 	char line[CONF_LINE_MAX];
 	*num = 0;
 	*conf =  NULL;
--- a/us.conf.5
+++ b/us.conf.5
@ -51,8 +51,11 @@ execution of the command. A valid environment variable list starts with an
 uppercase letter and ends at the next space.
 .PP
 A valid config line must be owned by root:root and should not be readable,
-writable or executable for any other user or group, if the config file fails
-to meet this requirements it will get rejected and invocation will fail.
+writable or executable for any other user or group, in other words the best
+file permissions for the config file are
+.BR 660
+if the config file fails to meet this requirements it will get rejected and
+invocation will fail.

 .SH FILES
 .IP /etc/us.conf