* keyedit.c (menu_revsig): Properly show a uid is revoked without

restarting gpg. This is Debian bug 124219, though their supplied patch will not do the right thing. * main.h, tdbio.c (tdbio_set_dbname), misc.c (removed check_permissions), keydb.c (keydb_add_resource), g10.c (main, check_permissions): Significant reworking of the permission check mechanism. The new behavior is to check everything in the homedir by checking the homedir itself. If the user wants to put (possibly shared) keyrings outside the homedir, they are not checked. The options file and any extension files are checked wherever they are, as well as their enclosing directories. This is Debian bug 147760.
2025-07-02 22:46:30 +02:00 · 2002-08-07 15:53:15 +00:00 · 2002-08-07 15:53:15 +00:00 · fee7e35bae
commit fee7e35bae
parent df50c106f8
7 changed files with 212 additions and 135 deletions
--- a/g10/misc.c
+++ b/g10/misc.c
@ -24,9 +24,6 @@
 #include <string.h>
 #include <unistd.h>
 #include <errno.h>
-#ifdef HAVE_STAT
-#include <sys/stat.h>
-#endif
 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
  #include <asm/sysinfo.h>
  #include <asm/unistd.h>
@ -338,100 +335,6 @@ openpgp_md_test_algo( int algo )
    return check_digest_algo(algo);
 }

-int
-check_permissions(const char *path,int extension,int checkonly)
-{
-#if defined(HAVE_STAT) && !defined(HAVE_DOSISH_SYSTEM)
-  char *tmppath;
-  struct stat statbuf;
-  int ret=1;
-  int isdir=0;
-
-  if(opt.no_perm_warn)
-    return 0;
-
-  if(extension && path[0]!=DIRSEP_C)
-    {
-      if(strchr(path,DIRSEP_C))
-	tmppath=make_filename(path,NULL);
-      else
-	tmppath=make_filename(GNUPG_LIBDIR,path,NULL);
-    }
-  else
-    tmppath=m_strdup(path);
-
-  /* It's okay if the file doesn't exist */
-  if(stat(tmppath,&statbuf)!=0)
-    {
-      ret=0;
-      goto end;
-    }
-
-  isdir=S_ISDIR(statbuf.st_mode);
-
-  /* We may have to revisit this if we start piping keyrings to gpg
-     over a named pipe or keyserver character device :) */
-  if(!isdir && !S_ISREG(statbuf.st_mode))
-    {
-      ret=0;
-      goto end;
-    }
-
-  /* Per-user files must be owned by the user.  Extensions must be
-     owned by the user or root. */
-  if((!extension && statbuf.st_uid != getuid()) ||
-     (extension && statbuf.st_uid!=0 && statbuf.st_uid!=getuid()))
-    {
-      if(!checkonly)
-	log_info(_("WARNING: unsafe ownership on %s \"%s\"\n"),
-		 isdir?"directory":extension?"extension":"file",path);
-      goto end;
-    }
-
-  /* This works for both directories and files - basically, we don't
-     care what the owner permissions are, so long as the group and
-     other permissions are 0 for per-user files, and non-writable for
-     extensions. */
-  if((extension && (statbuf.st_mode & (S_IWGRP|S_IWOTH)) !=0) ||
-     (!extension && (statbuf.st_mode & (S_IRWXG|S_IRWXO)) != 0))
-    {
-      char *dir;
-
-      /* However, if the directory the directory/file is in is owned
-         by the user and is 700, then this is not a problem.
-         Theoretically, we could walk this test up to the root
-         directory /, but for the sake of sanity, I'm stopping at one
-         level down. */
-
-      dir=make_dirname(tmppath);
-      if(stat(dir,&statbuf)==0 && statbuf.st_uid==getuid() &&
-	 S_ISDIR(statbuf.st_mode) && (statbuf.st_mode & (S_IRWXG|S_IRWXO))==0)
-	{
-	  m_free(dir);
-	  ret=0;
-	  goto end;
-	}
-
-      m_free(dir);
-
-      if(!checkonly)
-	log_info(_("WARNING: unsafe permissions on %s \"%s\"\n"),
-		 isdir?"directory":extension?"extension":"file",path);
-      goto end;
-    }
-
-  ret=0;
-
- end:
-  m_free(tmppath);
-
-  return ret;
-
-#endif /* HAVE_STAT && !HAVE_DOSISH_SYSTEM */
-
-  return 0;
-}
-
 /* Special warning for the IDEA cipher */
 void
 idea_cipher_warn(int show)