From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 7 Jul 2024 21:01:34 +0000 (+0100)
Subject: tmpdir.c: Be more helpful if owner lacks permissions on the directory.
X-Git-Tag: 1.2.5~1
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/checkpath/commitdiff_plain/995186ff19a5a2388b5de61928d62bb68e618612?ds=sidebyside

tmpdir.c: Be more helpful if owner lacks permissions on the directory.

Previously, we'd report `non-owner access permitted', which was exactly
wrong.

This is a functionality check rather than a security check, so I'm not
completely convinced that this is something tmpdir(1) should be
checking.  But it always has done so there's not much reason to stop
now.
---

diff --git a/tmpdir.c b/tmpdir.c
index bcebf8d..7b6fc64 100644
--- a/tmpdir.c
+++ b/tmpdir.c
@@ -122,8 +122,10 @@ static int ok(const char *p, int *f)
     complain(p, "not a directory", 0);
   else if (st.st_uid != me)
     complain(p, "not owner", 0);
-  else if ((st.st_mode & 0777) != 0700)
+  else if (st.st_mode & 0077)
     complain(p, "non-owner access permitted", 0);
+  else if (~st.st_mode & 0700)
+    complain(p, "owner lacks permissions", 0);
   else
     return (1);
   return (0);