diff options
author | Wayne R. Roth | 2016-01-20 07:09:37 +0100 |
---|---|---|
committer | Karel Zak | 2016-01-26 11:26:00 +0100 |
commit | cc706d9f0978c03f730aec627c5b656ee4eec58f (patch) | |
tree | 20c674cfe7beb55e8ecbcc4a5e120fd814fdcf7e | |
parent | libmount: handle btrfs default subvolume mount (diff) | |
download | kernel-qcow2-util-linux-cc706d9f0978c03f730aec627c5b656ee4eec58f.tar.gz kernel-qcow2-util-linux-cc706d9f0978c03f730aec627c5b656ee4eec58f.tar.xz kernel-qcow2-util-linux-cc706d9f0978c03f730aec627c5b656ee4eec58f.zip |
mkswap: add warnings for insecure device permissions/owners
Logic modified from sys-utils/swapon.c
Signed-off-by: Wayne R. Roth <wayneroth42@gmail.com>
-rw-r--r-- | disk-utils/mkswap.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/disk-utils/mkswap.c b/disk-utils/mkswap.c index c559e60e4..22999dafb 100644 --- a/disk-utils/mkswap.c +++ b/disk-utils/mkswap.c @@ -344,7 +344,7 @@ static void write_header_to_device(struct mkswap_control *ctl) int main(int argc, char **argv) { struct mkswap_control ctl = { .fd = -1 }; - int c; + int c, permMask; uint64_t sz; int version = SWAP_VERSION; char *block_count = NULL, *strsz = NULL; @@ -464,6 +464,15 @@ int main(int argc, char **argv) ctl.devname); open_device(&ctl); + permMask = S_ISBLK(ctl.devstat.st_mode) ? 07007 : 07077; + if ((ctl.devstat.st_mode & permMask) != 0) + warnx(_("%s: insecure permissions %04o, %04o suggested."), + ctl.devname, ctl.devstat.st_mode & 07777, + ~permMask & 0666); + if (getuid() == 0 && S_ISREG(ctl.devstat.st_mode) && ctl.devstat.st_uid != 0) + warnx(_("%s: insecure file owner %d, 0 (root) suggested."), + ctl.devname, ctl.devstat.st_uid); + if (ctl.check) check_blocks(&ctl); |