From: Daniel Martí <mvdan@mvdan.cc>
Date: Fri, 6 Dec 2013 16:20:03 +0000 (+0100)
Subject: Only warn about config.py perms if there's sensitive info
X-Git-Tag: 0.1~123
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=f0b66cee92d2a30a1197f4e02907f7aaa6ed8113;p=fdroidserver.git

Only warn about config.py perms if there's sensitive info
---

diff --git a/fdroidserver/common.py b/fdroidserver/common.py
index 79708971..298eb39d 100644
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@@ -47,10 +47,6 @@ def read_config(opts, config_file='config.py'):
         print "Missing config file - is this a repo directory?"
         sys.exit(2)
 
-    st = os.stat(config_file)
-    if st.st_mode & stat.S_IRWXG or st.st_mode & stat.S_IRWXO:
-        print "WARNING: unsafe permissions on {0} (should be 0600)!".format(config_file)
-
     options = opts
     if not hasattr(options, 'verbose'):
         options.verbose = False
@@ -72,6 +68,11 @@ def read_config(opts, config_file='config.py'):
         print "Reading %s..." % config_file
     execfile(config_file, config)
 
+    if any(k in config for k in ["keystore", "keystorepass", "keypass"]):
+        st = os.stat(config_file)
+        if st.st_mode & stat.S_IRWXG or st.st_mode & stat.S_IRWXO:
+            print "WARNING: unsafe permissions on {0} (should be 0600)!".format(config_file)
+
     # Expand environment variables
     for k, v in config.items():
         if type(v) != str: