From: Mark Wooding Date: Tue, 16 Jul 2024 14:09:58 +0000 (+0100) Subject: checkpath.c, tmpdir.c: Use symbolic names for permission masks. X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/checkpath/commitdiff_plain/cfc8dd737dacc7b3ad394fa2d8649cf809a54bc8?ds=sidebyside checkpath.c, tmpdir.c: Use symbolic names for permission masks. It turns out that they fit fairly well with what we're trying to do here, and I think that, for once, the code is clearer for using them. Portability doesn't seem to be a concern for these values. --- diff --git a/checkpath.c b/checkpath.c index 9c15086..12038dd 100644 --- a/checkpath.c +++ b/checkpath.c @@ -291,12 +291,12 @@ static unsigned sanity(const char *p, struct stat *st, if (S_ISDIR(st->st_mode) && (!(f & SF_LAST) || (cp->cp_what & CP_STICKYOK))) - stickyok = 01000; + stickyok = S_ISVTX; /* --- Check for world-writability --- */ if ((cp->cp_what & CP_WRWORLD) && - (st->st_mode & (0002 | stickyok)) == 0002) { + (st->st_mode & (S_IWOTH | stickyok)) == S_IWOTH) { bad |= CP_WRWORLD; report(cp, CP_WRWORLD, 1, p, "** world writable **"); } @@ -304,7 +304,7 @@ static unsigned sanity(const char *p, struct stat *st, /* --- Check for group-writability --- */ if ((cp->cp_what & (CP_WRGRP | CP_WROTHGRP)) && - (st->st_mode & (0020 | stickyok)) == 0020) { + (st->st_mode & (S_IWGRP | stickyok)) == S_IWGRP) { b = CP_WRGRP; if (cp->cp_what & CP_WROTHGRP) { @@ -464,7 +464,7 @@ unsigned checkpath(const char *p, const struct checkpath *cp) bad |= sanity(d.buf, &st, cp, ee ? 0 : SF_LAST); if (S_ISDIR(st.st_mode)) { - if (st.st_mode & 01000) + if (st.st_mode & S_ISVTX) sp->e_flags |= EF_STICKY; report(cp, CP_REPORT, 4, d.buf, "directory"); continue; diff --git a/tmpdir.c b/tmpdir.c index 944cc18..c561c1c 100644 --- a/tmpdir.c +++ b/tmpdir.c @@ -122,9 +122,9 @@ static int ok(const char *p, int *f) complain(p, "not a directory", 0); else if (st.st_uid != me) complain(p, "not owner", 0); - else if (st.st_mode & 0077) + else if (st.st_mode & (S_IRWXG | S_IRWXO)) complain(p, "non-owner access permitted", 0); - else if (~st.st_mode & 0700) + else if (~st.st_mode & S_IRWXU) complain(p, "owner lacks permissions", 0); else return (1);