Merge pull request #106 from twouters/bugfix/87

Fix config directory permission validation
2022-01-25 11:13:41 +00:00 · 2022-01-25 11:13:41 +00:00 · 178704a41b
parent 4996b87d03 6071f4e96d
commit 178704a41b
1 changed files with 23 additions and 7 deletions
--- a/utils/utils_custom.go
+++ b/utils/utils_custom.go
@ -22,19 +22,35 @@ func DirWritable(path string) (bool, error) {
 		return false, errors.New("path isn't a directory")
 	}

-	if info.Mode().Perm()&(1<<(uint(7))) == 0 {
-		return false, errors.New("write permission bit is not set on this file for user")
-	}
-
 	var stat syscall.Stat_t
 	if err = syscall.Stat(path, &stat); err != nil {
 		return false, errors.New("unable to get stat")
 	}

-	if uint32(os.Geteuid()) != stat.Uid {
-		return false, errors.New("user doesn't have permission to write to this directory")
+	if uint32(os.Geteuid()) == stat.Uid {
+		if info.Mode().Perm()&(1<<7) != 0 {
+			// owner matches and has write permissions
+			return true, nil
+		} else {
+			return false, errors.New("owner doesn't have write permissions for this path")
+		}
 	}
-	return true, nil
+
+	if uint32(os.Getegid()) == stat.Gid {
+		if info.Mode().Perm()&(1<<4) != 0 {
+			// group matches and has write permissions
+			return true, nil
+		} else {
+			return false, errors.New("group doesn't have write permissions for this path")
+		}
+	}
+
+	if info.Mode().Perm()&(1<<1) != 0 {
+		// all users have write permissions
+		return true, nil
+	}
+
+	return false, errors.New("user doesn't have write permissions for this path")
 }

 func Ping(address string, secondsTimeout int) (int64, error) {