diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-05-15 13:11:48 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-05-15 20:20:30 -0400 |
| commit | f72e792be5437c9ee11d3f498ed3bb469b46d1bb (patch) | |
| tree | 29f2e5a044c793c55dbcb834822ac9075a23c530 | |
| parent | 287f6cb128c890e31faa951be6d42cd6801f4e59 (diff) | |
| download | tor-f72e792be5437c9ee11d3f498ed3bb469b46d1bb.tar.gz tor-f72e792be5437c9ee11d3f498ed3bb469b46d1bb.zip | |
Make check_private_dir check for group ownership as appropriate
| -rw-r--r-- | src/common/util.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/common/util.c b/src/common/util.c index 0e739f2127..1bb116b212 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -30,6 +30,7 @@ #else #include <dirent.h> #include <pwd.h> +#include <grp.h> #endif /* math.h needs this on Linux */ @@ -1736,6 +1737,21 @@ check_private_dir(const char *dirname, cpd_check_t check) tor_free(process_ownername); return -1; } + if ((check & CPD_GROUP_OK) && st.st_gid != getgid()) { + struct group *gr; + char *process_groupname = NULL; + gr = getgrgid(getgid()); + process_groupname = gr ? tor_strdup(gr->gr_name) : tor_strdup("<unknown>"); + gr = getgrgid(st.st_gid); + + log_warn(LD_FS, "%s is not owned by this group (%s, %d) but by group " + "%s (%d). Are you running Tor as the wrong user?", + dirname, process_groupname, (int)getgid(), + gr ? gr->gr_name : "<unknown>", (int)st.st_gid); + + tor_free(process_groupname); + return -1; + } if (check & CPD_GROUP_OK) { mask = 0027; } else { |