From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 4 Nov 2020 15:19:49 +0000 (+0100)
Subject: repart: warn about world writable key files
X-Git-Tag: v248-rc1~615^2~10
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8b3c3a49739d6fc10b8d0805b7ede9a330cf7d95;p=thirdparty%2Fsystemd.git

repart: warn about world writable key files

We have easy support for this, hence use it for privileged key data.
---

diff --git a/src/partition/repart.c b/src/partition/repart.c
index 6db413ed5e2..58cacab2442 100644
--- a/src/partition/repart.c
+++ b/src/partition/repart.c
@@ -3621,7 +3621,11 @@ static int parse_argv(int argc, char *argv[]) {
                         _cleanup_(erase_and_freep) char *k = NULL;
                         size_t n = 0;
 
-                        r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_SECURE|READ_FULL_FILE_CONNECT_SOCKET, NULL, &k, &n);
+                        r = read_full_file_full(
+                                        AT_FDCWD, optarg,
+                                        READ_FULL_FILE_SECURE|READ_FULL_FILE_WARN_WORLD_READABLE|READ_FULL_FILE_CONNECT_SOCKET,
+                                        NULL,
+                                        &k, &n);
                         if (r < 0)
                                 return log_error_errno(r, "Failed to read key file '%s': %m", optarg);