From: Nick Mathewson Date: Fri, 13 May 2011 19:40:03 +0000 (-0400) Subject: Add a new flag to check_private_dir to make it _not_ change permissions X-Git-Tag: tor-0.2.2.26-beta~11^2~1^2~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5d147d8527da3c8cff7f5ab5f0d0185d51fff79b;p=thirdparty%2Ftor.git Add a new flag to check_private_dir to make it _not_ change permissions We'll need this for checking permissions on the directories that hold control sockets: if somebody says "ControlSocket ~/foo", it would be pretty rude to do a chmod 700 on their homedir. --- diff --git a/src/common/util.c b/src/common/util.c index 3f81874331..d84ed9c00e 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1670,6 +1670,8 @@ file_status(const char *fname) * check&CPD_CHECK, and we think we can create it, return 0. Else * return -1. If CPD_GROUP_OK is set, then it's okay if the directory * is group-readable, but in all cases we create the directory mode 0700. + * If CPD_CHECK_MODE_ONLY is set, then we don't alter the directory permissions + * if they are too permissive: we just return -1. */ int check_private_dir(const char *dirname, cpd_check_t check) @@ -1741,6 +1743,11 @@ check_private_dir(const char *dirname, cpd_check_t check) } if (st.st_mode & mask) { unsigned new_mode; + if (check & CPD_CHECK_MODE_ONLY) { + log_warn(LD_FS, "Permissions on directory %s are too permissive.", + dirname); + return -1; + } log_warn(LD_FS, "Fixing permissions on directory %s", dirname); new_mode = st.st_mode; new_mode |= 0700; /* Owner should have rwx */ diff --git a/src/common/util.h b/src/common/util.h index f75953226b..f32709accd 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -291,6 +291,7 @@ typedef unsigned int cpd_check_t; #define CPD_CREATE 1 #define CPD_CHECK 2 #define CPD_GROUP_OK 4 +#define CPD_CHECK_MODE_ONLY 8 int check_private_dir(const char *dirname, cpd_check_t check); #define OPEN_FLAGS_REPLACE (O_WRONLY|O_CREAT|O_TRUNC) #define OPEN_FLAGS_APPEND (O_WRONLY|O_CREAT|O_APPEND)