fileio: introduce warn_file_is_world_accessible()

diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 028e81cf96a4f434ac16338165ae55c2afb495b4..7196516b9e4012d30680e6c6c1a1fcd3ce43d4ca 100644 (file)
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -843,3 +843,28 @@ int safe_fgetc(FILE *f, char *ret) {
 
         return 1;
 }
+
+int warn_file_is_world_accessible(const char *filename, struct stat *st, const char *unit, unsigned line) {
+        struct stat _st;
+
+        if (!filename)
+                return 0;
+
+        if (!st) {
+                if (stat(filename, &_st) < 0)
+                        return -errno;
+                st = &_st;
+        }
+
+        if ((st->st_mode & S_IRWXO) == 0)
+                return 0;
+
+        if (unit)
+                log_syntax(unit, LOG_WARNING, filename, line, 0,
+                           "%s has %04o mode that is too permissive, please adjust the access mode.",
+                           filename, st->st_mode & 07777);
+        else
+                log_warning("%s has %04o mode that is too permissive, please adjust the access mode.",
+                            filename, st->st_mode & 07777);
+        return 0;
+}

diff --git a/src/basic/fileio.h b/src/basic/fileio.h
index b5b34fe1c365d88112e6cd1b1866c3fceb6bbbee..93e972c2eea9a2e5be223e685224115f9e2e8ce4 100644 (file)
--- a/src/basic/fileio.h
+++ b/src/basic/fileio.h
@@ -5,6 +5,7 @@
 #include <stdbool.h>
 #include <stddef.h>
 #include <stdio.h>
+#include <sys/stat.h>
 #include <sys/types.h>
 
 #include "macro.h"
@@ -86,3 +87,5 @@ static inline int read_nul_string(FILE *f, size_t limit, char **ret) {
 }
 
 int safe_fgetc(FILE *f, char *ret);
+
+int warn_file_is_world_accessible(const char *filename, struct stat *st, const char *unit, unsigned line);