Merge pull request #106 from twouters/bugfix/87

Fix config directory permission validation
pull/1081/head
Adam 2022-01-25 11:13:41 +00:00 committed by GitHub
commit 178704a41b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 7 deletions

View File

@ -22,19 +22,35 @@ func DirWritable(path string) (bool, error) {
return false, errors.New("path isn't a directory")
}
if info.Mode().Perm()&(1<<(uint(7))) == 0 {
return false, errors.New("write permission bit is not set on this file for user")
}
var stat syscall.Stat_t
if err = syscall.Stat(path, &stat); err != nil {
return false, errors.New("unable to get stat")
}
if uint32(os.Geteuid()) != stat.Uid {
return false, errors.New("user doesn't have permission to write to this directory")
if uint32(os.Geteuid()) == stat.Uid {
if info.Mode().Perm()&(1<<7) != 0 {
// owner matches and has write permissions
return true, nil
} else {
return false, errors.New("owner doesn't have write permissions for this path")
}
}
return true, nil
if uint32(os.Getegid()) == stat.Gid {
if info.Mode().Perm()&(1<<4) != 0 {
// group matches and has write permissions
return true, nil
} else {
return false, errors.New("group doesn't have write permissions for this path")
}
}
if info.Mode().Perm()&(1<<1) != 0 {
// all users have write permissions
return true, nil
}
return false, errors.New("user doesn't have write permissions for this path")
}
func Ping(address string, secondsTimeout int) (int64, error) {