alema/us
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

suggest config file permissions

Browse Source
This commit is contained in:
Alessandro Mauri 2021-07-25 18:06:28 +02:00
parent 9c6f7703dc
commit 720f956267
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
us.c
View File

@ -741,7 +741,8 @@ static int get_config(struct config **conf, int *num)
die("config file must be a regular file"); die("config file must be a regular file");
if (st.st_mode & S_IRWXO || st.st_mode & S_IROTH || if (st.st_mode & S_IRWXO || st.st_mode & S_IROTH ||
st.st_mode & S_IWOTH || st.st_mode & S_IXOTH) st.st_mode & S_IWOTH || st.st_mode & S_IXOTH)
die("others may not modify, read or execute config file"); die("others may not modify, read or execute config file\n"
"suggested permissions for the config file: 660");
char line[CONF_LINE_MAX]; char line[CONF_LINE_MAX];
*num = 0; *num = 0;
*conf = NULL; *conf = NULL;

7
us.conf.5
View File

@ -51,8 +51,11 @@ execution of the command. A valid environment variable list starts with an
uppercase letter and ends at the next space. uppercase letter and ends at the next space.
.PP .PP
A valid config line must be owned by root:root and should not be readable, A valid config line must be owned by root:root and should not be readable,
writable or executable for any other user or group, if the config file fails writable or executable for any other user or group, in other words the best
to meet this requirements it will get rejected and invocation will fail. file permissions for the config file are
.BR 660
if the config file fails to meet this requirements it will get rejected and
invocation will fail.
.SH FILES .SH FILES
.IP /etc/us.conf .IP /etc/us.conf