Commit 5d147d85 authored by Nick Mathewson's avatar Nick Mathewson 🤹

Add a new flag to check_private_dir to make it _not_ change permissions

We'll need this for checking permissions on the directories that hold
control sockets: if somebody says "ControlSocket ~/foo", it would be
pretty rude to do a chmod 700 on their homedir.
parent 3b6cbf25
+7 −0
@@ -1670,6 +1670,8 @@ file_status(const char *fname)
 * check&CPD_CHECK, and we think we can create it, return 0.  Else
 * return -1.  If CPD_GROUP_OK is set, then it's okay if the directory
 * is group-readable, but in all cases we create the directory mode 0700.
 * If CPD_CHECK_MODE_ONLY is set, then we don't alter the directory permissions
 * if they are too permissive: we just return -1.
 */
int
check_private_dir(const char *dirname, cpd_check_t check)
@@ -1741,6 +1743,11 @@ check_private_dir(const char *dirname, cpd_check_t check)
  }
  if (st.st_mode & mask) {
    unsigned new_mode;
    if (check & CPD_CHECK_MODE_ONLY) {
      log_warn(LD_FS, "Permissions on directory %s are too permissive.",
               dirname);
      return -1;
    }
    log_warn(LD_FS, "Fixing permissions on directory %s", dirname);
    new_mode = st.st_mode;
    new_mode |= 0700; /* Owner should have rwx */
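Review bot: The warning in the new `CPD_CHECK_MODE_ONLY` branch does not report which mode was found, so an operator who hits the `return -1` has to stat the directory by hand to learn what to tighten. Nothing is repaired in this mode, which makes the log line the only remediation hint; consider `log_warn(LD_FS, "Permissions on directory %s are too permissive (mode %o).", dirname, (unsigned)(st.st_mode & 0777));`. The body of check_private_dir starts and ends outside the hunk, so it cannot be confirmed from here whether the ownership check or the CPD_CREATE path behaves differently under this flag. The doc comment should state how the flag combines with CPD_CREATE, since it still says the directory is created mode 0700 "in all cases".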
+1 −0
@@ -291,6 +291,7 @@ typedef unsigned int cpd_check_t;
#define CPD_CREATE 1
#define CPD_CHECK 2
#define CPD_GROUP_OK 4
#define CPD_CHECK_MODE_ONLY 8
int check_private_dir(const char *dirname, cpd_check_t check);
#define OPEN_FLAGS_REPLACE (O_WRONLY|O_CREAT|O_TRUNC)
#define OPEN_FLAGS_APPEND (O_WRONLY|O_CREAT|O_APPEND)
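Review bot: `CPD_CHECK_MODE_ONLY` is added without a comment, and the name can be read as "check only the mode" rather than "check, but never chmod". A caller picking flags from this header for a directory whose permissions it should not rewrite (the ControlSocket case in the commit message) needs the contract stated here. I would add `/* Never chmod the directory: return -1 if its mode is too permissive. */` above the define. The neighbouring CPD_ flags visible in this hunk are uncommented as well, so a one-line comment on each would keep them consistent.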