mirrors/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2025-04-03 21:27:37 +03:00
Code Issues Projects Releases Packages Wiki Activity

Don't run the permissions checks on non-Unix platforms

Browse source 
This is way too annoying on Windows systems.
This commit is contained in:
Frank Denis 2025-03-10 12:01:55 +01:00
parent cc9774ff31
commit 0d89626420
3 changed files with 43 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

31
dnscrypt-proxy/common.go
View file

@ -6,12 +6,9 @@ import (
"errors" "errors"
"net" "net"
"os" "os"
"path"
"strconv" "strconv"
"strings" "strings"
"unicode" "unicode"
"github.com/jedisct1/dlog"
) )
type CryptoConstruction uint16 type CryptoConstruction uint16
@ -167,31 +164,3 @@ func ReadTextFile(filename string) (string, error) {
} }
func isDigit(b byte) bool { return b >= '0' && b <= '9' } func isDigit(b byte) bool { return b >= '0' && b <= '9' }
func maybeWritableByOtherUsers(p string) (bool, string, error) {
p = path.Clean(p)
for p != "/" && p != "." {
st, err := os.Stat(p)
if err != nil {
return false, p, err
}
mode := st.Mode()
if mode.Perm()&2 != 0 && !(st.IsDir() && mode&os.ModeSticky == os.ModeSticky) {
return true, p, nil
}
p = path.Dir(p)
}
return false, "", nil
}
func WarnIfMaybeWritableByOtherUsers(p string) {
if ok, px, err := maybeWritableByOtherUsers(p); ok {
if px == p {
dlog.Criticalf("[%s] is writable by other system users - If this is not intentional, it is recommended to fix the access permissions", p)
} else {
dlog.Warnf("[%s] can be modified by other system users because [%s] is writable by other users - If this is not intentional, it is recommended to fix the access permissions", p, px)
}
} else if err != nil {
dlog.Warnf("Error while checking if [%s] is accessible: [%s] : [%s]", p, px, err)
}
}

7
dnscrypt-proxy/permcheck_others.go Normal file
View file

@ -0,0 +1,7 @@
//go:build !unix
package main
func WarnIfMaybeWritableByOtherUsers(p string) {
// No-op
}

36
dnscrypt-proxy/permcheck_unix.go Normal file
View file

@ -0,0 +1,36 @@
package main
import (
"os"
"path"
"github.com/jedisct1/dlog"
)
func maybeWritableByOtherUsers(p string) (bool, string, error) {
p = path.Clean(p)
for p != "/" && p != "." {
st, err := os.Stat(p)
if err != nil {
return false, p, err
}
mode := st.Mode()
if mode.Perm()&2 != 0 && !(st.IsDir() && mode&os.ModeSticky == os.ModeSticky) {
return true, p, nil
}
p = path.Dir(p)
}
return false, "", nil
}
func WarnIfMaybeWritableByOtherUsers(p string) {
if ok, px, err := maybeWritableByOtherUsers(p); ok {
if px == p {
dlog.Criticalf("[%s] is writable by other system users - If this is not intentional, it is recommended to fix the access permissions", p)
} else {
dlog.Warnf("[%s] can be modified by other system users because [%s] is writable by other users - If this is not intentional, it is recommended to fix the access permissions", p, px)
}
} else if err != nil {
dlog.Warnf("Error while checking if [%s] is accessible: [%s] : [%s]", p, px, err)
}
}