tags 370396 patch
thanks

See attached patch. New config option: admingroup. It also adds one
additional check, on the directory containing the configuration
files; if that directory has +w, there's also a security problem, no?

-- 
Please do not send copies of list mail to me; I read the list!
 
 .''`.     martin f. krafft <[EMAIL PROTECTED]>
: :'  :    proud Debian developer and author: http://debiansystem.info
`. `'`
  `-  Debian - when you have better things to do than fixing a system
--- /usr/sbin/backupninja.orig  2006-04-08 23:03:53.000000000 +0200
+++ /usr/sbin/backupninja       2006-06-05 02:36:29.827183100 +0200
@@ -130,17 +130,38 @@
 #
 
 function check_perms() {
+       set -x
        local file=$1
-       local perms=`ls -ld $file`
-       perms=${perms:4:6}
-       if [ "$perms" != "------" ]; then
-               echo "Configuration files must not be group or world 
writable/readable! Dying on file $file"
-               fatal "Configuration files must not be group or world 
writable/readable! Dying on file $file"
-       fi
-       if [ `ls -ld $file | awk '{print $3}'` != "root" ]; then
+       local stat
+       stat=($(stat -L --printf='%a %g %G %u %U' $file))
+       local gperm=${stat[0]:1:1}
+       local wperm=${stat[0]:2:1}
+       local gid=${stat[1]}
+       local group=${stat[2]}
+       local owner=${stat[3]}
+
+       if [ "$owner" != 0 ]; then
                echo "Configuration files must be owned by root! Dying on file 
$file"
                fatal "Configuration files must be owned by root! Dying on file 
$file"
        fi
+
+       if [ $wperm -gt 0 ]; then
+               echo "Configuration files must not be world writable/readable! 
Dying on file $file"
+               fatal "Configuration files must not be world writable/readable! 
Dying on file $file"
+       fi
+
+       if [ $gperm -gt 0 ]; then
+               case "$admingroup" in
+                       $gid|$group) :;;
+                       *)
+                               if [ "$gid" != 0 ]; then
+                                       echo "Configuration files must 
writable/readable by group ${stat[2]}! Dying on file $file"
+                                       fatal "Configuration files must 
writable/readable by group ${stat[2]}! Dying on file $file"
+                               fi
+                               ;;
+               esac
+       fi
+       set +x
 }
 
 # simple lowercase function
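Review bot: The `${stat[0]:1:1}` and `${stat[0]:2:1}` slices in check_perms assume `%a` always prints exactly three octal digits, but stat prints a leading fourth digit when setuid, setgid or sticky bits are set. On such a mode (likely on directories, which this patch starts checking) `wperm` holds the group digit and the world bits are never examined. Decoding numerically avoids this: `local mode=$((8#${stat[0]}))`, `local gperm=$(( (mode >> 3) & 7 ))`, `local wperm=$(( mode & 7 ))`. `$file` in the stat call should be quoted, and the `set -x`/`set +x` pair looks like leftover debugging that would also switch off tracing a caller had enabled. The group-branch message reads "must writable/readable by group", which appears to be missing "not be".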
@@ -403,6 +424,7 @@
 setfile $conffile
 
 # get global config options (second param is the default)
+getconf admingroup root
 getconf configdirectory /etc/backup.d
 getconf scriptdirectory /usr/share/backupninja
 getconf reportemail
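Review bot: `admingroup` relaxes the permission check in check_perms, yet nothing next to this `getconf` line says what values it accepts or what it permits. A comment such as `# admingroup: group (name or gid) allowed group access to config files, in addition to gid 0` would document it. Whether the file this option is read from has itself passed the ownership and permission checks before the value is trusted is not visible in this hunk and is worth confirming.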
@@ -461,6 +483,7 @@
 for file in $files; do
        [ -f "$file" ] || continue
 
+       check_perms ${file%/*} # check containing dir
        check_perms $file
        suffix="${file##*.}"
        base=`basename $file`
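Review bot: The new directory check at `check_perms ${file%/*}` applies the file rules unchanged, so a containing directory with any world permission bit (for example mode 755) is fatal, because check_perms tests `$wperm -gt 0`, although the stated concern is only a writable directory. If only write access matters for directories, test the write bits for that case, and adjust the message, which still says "Configuration files". The expansion should also be quoted, `check_perms "${file%/*}"`, and because the call sits inside the loop the same directory is re-checked for every file; the loop body continues outside this hunk.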
