# HG changeset patch
# User Mikael Berthe
# Date 1122212247 -3600
# Node ID d8f147d6e8729a1e5beb0bb73e57edc28a0cb557
# Parent 51ff319947c3d604fbd89eee3aaf69684b77bc37
Check directory and config file permissions
* Check history directory and configuration file permissions, and correct them to 0700 and 0600 if necessary.
* Warn when mcabber main directory ($HOME/.mcabber) has bad permissions
* Reset UseFileLogging & FileLoadLogs when the log dir does not exist
diff -r 51ff319947c3 -r d8f147d6e872 mcabber/src/histolog.c
--- a/mcabber/src/histolog.c Sat Jul 23 21:50:06 2005 +0100
+++ b/mcabber/src/histolog.c Sun Jul 24 14:37:27 2005 +0100
@@ -229,7 +229,7 @@
 int l = strlen(root_dir);
 if (l < 1) {
 scr_LogPrint("root_dir too short");
- UseFileLogging = FALSE;
+ UseFileLogging = FileLoadLogs = FALSE;
 return;
 }
 // RootDir must be slash-terminated
@@ -247,11 +247,16 @@
 strcpy(RootDir, home);
 strcat(RootDir, dir);
 }
- // FIXME
- // We should check the directory actually exists
- } else // Disable history logging
- if (RootDir) {
- g_free(RootDir);
+ // Check directory permissions (should not be readable by group/others)
+ if (checkset_perm(RootDir, TRUE) == -1) {
+ // The directory does not actually exists
+ g_free(RootDir);
+ scr_LogPrint("ERROR: Can't access history log directory");
+ UseFileLogging = FileLoadLogs = FALSE;
+ }
+ } else { // Disable history logging
+ if (RootDir)
+ g_free(RootDir);
 }
 }
diff -r 51ff319947c3 -r d8f147d6e872 mcabber/src/settings.c
--- a/mcabber/src/settings.c Sat Jul 23 21:50:06 2005 +0100
+++ b/mcabber/src/settings.c Sun Jul 24 14:37:27 2005 +0100
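Review bot: In the second histolog.c hunk, the new error path calls `g_free(RootDir);` and leaves RootDir pointing at freed memory, and the rewritten else branch frees it under `if (RootDir)` without clearing it either. Unless code outside the hunk resets the pointer, a later call that disables or re-enables logging can double-free or reuse the stale pointer, so each free should be followed by `RootDir = NULL;`. The check also treats only -1 as failure: a return of 1 (wrong owner, or permissions that could not be corrected) leaves history logging enabled in a directory other users may be able to read, so consider `if (checkset_perm(RootDir, TRUE) != 0)` if that is not intended. The enclosing function starts outside the hunk.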
@@ -92,11 +92,20 @@
 return -1;
 }
 }
+ // Check configuration file permissions
+ // As it could contain sensitive data, we make it user-readable only
+ checkset_perm(filename, TRUE);
+ // Check mcabber dir. There we just warn, we don't change the modes
+ sprintf(filename, "%s/.mcabber/", home);
+ checkset_perm(filename, FALSE);
 g_free(filename);
- }
- else if ((fp = fopen(filename, "r")) == NULL) {
- perror("fopen (cfg_file())");
- return -1;
+ } else {
+ if ((fp = fopen(filename, "r")) == NULL) {
+ perror("fopen (cfg_file())");
+ return -1;
+ }
+ // Check configuration file permissions (see above)
+ checkset_perm(filename, TRUE);
 }
 buf = g_new(char, 512);
diff -r 51ff319947c3 -r d8f147d6e872 mcabber/src/utils.c
--- a/mcabber/src/utils.c Sat Jul 23 21:50:06 2005 +0100
+++ b/mcabber/src/utils.c Sun Jul 24 14:37:27 2005 +0100
@@ -26,8 +26,12 @@
 #include
 #include
 #include
+#include
+#include
+#include
 #include
+#include "screen.h"
 static int DebugEnabled;
 static char *FName;
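Review bot: All three `checkset_perm()` calls in the settings.c hunk discard the return value, so a configuration file owned by another user (return 1), or one whose mode could not be corrected, is still opened and presumably parsed by the code after the hunk. The added comment itself says the file may hold sensitive data, so at least the failure case deserves handling; if refusing to load is the intended policy, the else branch could use `if (checkset_perm(filename, TRUE) != 0) { fclose(fp); return -1; }`. Separately, `sprintf(filename, "%s/.mcabber/", home);` writes into a buffer allocated outside the hunk, so its size cannot be confirmed here; `snprintf` with the allocated size, or a fresh `g_strdup_printf`, would make the bound explicit.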
@@ -90,6 +94,45 @@
 }
 }
+// checkset_perm(name, setmode)
+// Check the permissions of the "name" file/dir
+// If setmode is true, correct the permissions if they are wrong
+// Return values: -1 == bad file/dir, 0 == success, 1 == cannot correct
+int checkset_perm(const char *name, unsigned int setmode)
+{
+ int fd;
+ struct stat buf;
+
+ fd = lstat(name, &buf);
+ if (fd == -1) return -1;
+
+ if (buf.st_uid != geteuid()) {
+ scr_LogPrint("Wrong file owner [%s]", name);
+ return 1;
+ }
+
+ if (buf.st_mode & (S_IRGRP | S_IWGRP | S_IXGRP) ||
+ buf.st_mode & (S_IROTH | S_IWOTH | S_IXOTH)) {
+ if (setmode) {
+ mode_t newmode = 0;
+ scr_LogPrint("Bad permissions [%s]", name);
+ if (S_ISDIR(buf.st_mode))
+ newmode |= S_IXUSR;
+ newmode |= S_IRUSR | S_IWUSR;
+ if (chmod(name, newmode)) {
+ scr_LogPrint("WARNING: Failed to correct permissions!");
+ return 1;
+ }
+ scr_LogPrint("Permissions have been corrected");
+ } else {
+ scr_LogPrint("WARNING: Bad permissions [%s]", name);
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
 // to_iso8601(dststr, timestamp)
 // Convert timestamp to iso8601 format, and store it in dststr.
 // NOTE: dststr should be at last 19 chars long.
@@ -185,4 +228,3 @@
 return retval;
 }
-
diff -r 51ff319947c3 -r d8f147d6e872 mcabber/src/utils.h
--- a/mcabber/src/utils.h Sat Jul 23 21:50:06 2005 +0100
+++ b/mcabber/src/utils.h Sun Jul 24 14:37:27 2005 +0100
@@ -4,6 +4,8 @@
 void ut_InitDebug(unsigned int level, const char *file);
 void ut_WriteLog(const char *fmt, ...);
+int checkset_perm(const char *name, unsigned int setmode);
+
 int to_iso8601(char *dststr, time_t timestamp);
 time_t from_iso8601(const char *timestamp, int utc);
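Review bot: `checkset_perm()` in utils.c inspects the path with `lstat()` but corrects it with `chmod()`, and the two disagree on symbolic links: lstat describes the link itself (mode bits typically all set, S_ISDIR false), while chmod follows it. A symlinked history directory would therefore be reported as having bad permissions and its target set to 0600 without the search bit, leaving it unusable. Using `stat(name, &buf)` keeps the check and the fix on the same object; alternatively, reject links with `if (S_ISLNK(buf.st_mode)) return 1;`. The check and the chmod are also two separate path lookups, so the object can change in between; an fd-based variant (open, `fstat`, `fchmod`) would close that gap. Minor: the variable named `fd` holds lstat's return code, not a descriptor.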