From cc706d9f0978c03f730aec627c5b656ee4eec58f Mon Sep 17 00:00:00 2001
From: "Wayne R. Roth"
Date: Tue, 19 Jan 2016 22:09:37 -0800
Subject: [PATCH] mkswap: add warnings for insecure device permissions/owners

Logic modified from sys-utils/swapon.c

Signed-off-by: Wayne R. Roth
---
 disk-utils/mkswap.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/disk-utils/mkswap.c b/disk-utils/mkswap.c
index c559e60e44..22999dafb9 100644
--- a/disk-utils/mkswap.c
+++ b/disk-utils/mkswap.c
@@ -344,7 +344,7 @@ static void write_header_to_device(struct mkswap_control *ctl)
 int main(int argc, char **argv)
 {
 struct mkswap_control ctl = { .fd = -1 };
- int c;
+ int c, permMask;
 uint64_t sz;
 int version = SWAP_VERSION;
 char *block_count = NULL, *strsz = NULL;
@@ -464,6 +464,15 @@ int main(int argc, char **argv)
 ctl.devname);
 open_device(&ctl);
+ permMask = S_ISBLK(ctl.devstat.st_mode) ? 07007 : 07077;
+ if ((ctl.devstat.st_mode & permMask) != 0)
+ warnx(_("%s: insecure permissions %04o, %04o suggested."),
+ ctl.devname, ctl.devstat.st_mode & 07777,
+ ~permMask & 0666);
+ if (getuid() == 0 && S_ISREG(ctl.devstat.st_mode) && ctl.devstat.st_uid != 0)
+ warnx(_("%s: insecure file owner %d, 0 (root) suggested."),
+ ctl.devname, ctl.devstat.st_uid);
+
 if (ctl.check)
 check_blocks(&ctl);
-- 
2.47.2
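Review bot: In the first hunk, `permMask` is declared as a plain `int` at the top of `main()`, although it is only ever combined with `st_mode`, and its camelCase name differs from the neighbouring locals visible in the hunk (`block_count`, `strsz`). Declaring it as `mode_t perm_mask;` would match the file's naming and keep `~permMask & 0666` unsigned, which is what the `%04o` conversion in the second hunk expects. The body of `main()` continues outside the hunk.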
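Review bot: In the second hunk, the owner warning prints `ctl.devstat.st_uid` with `%d`, but `uid_t` is unsigned on Linux, so a large UID would be shown as a negative number; `%u` with `(unsigned int) ctl.devstat.st_uid` would match the type. The message text is copied from sys-utils/swapon.c, so the translatable string would need the same change there. Both checks are advisory and read `ctl.devstat`, which is filled outside this hunk, presumably by `open_device()`. It is worth confirming that it comes from an `fstat()` on the opened descriptor rather than a `stat()` of the path, so the warning describes the object that is actually written. A short comment above the block, such as `/* advisory only: a swap area readable by group/other exposes swapped-out memory */`, would record why mkswap warns but still proceeds.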