relax the cfg file secrecy check slightly to allow group readability

default permissions and mtree NOT changed. prodded by benno, ok phessler benno jmatthew theo pelikan florian
author: henning <henning@openbsd.org> 2014-01-22 00:21:16 +0000
committer: henning <henning@openbsd.org> 2014-01-22 00:21:16 +0000
commit: 7140c133f0de7533c019c39b5af9a025c9cfeb6d (patch)
tree: 9a11e4613af27a10a4bc31cbb8c3ffdd9cbbcfc2 /usr.sbin/dvmrpd
parent: wakeup_n and wakeup_one blurbs (diff)
download: wireguard-openbsd-7140c133f0de7533c019c39b5af9a025c9cfeb6d.tar.xz
wireguard-openbsd-7140c133f0de7533c019c39b5af9a025c9cfeb6d.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/usr.sbin/dvmrpd/parse.y b/usr.sbin/dvmrpd/parse.y
index e19a32dc53a..be48ffaed8f 100644
--- a/usr.sbin/dvmrpd/parse.y
+++ b/usr.sbin/dvmrpd/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.25 2013/11/25 12:54:14 benno Exp $ */
+/*	$OpenBSD: parse.y,v 1.26 2014/01/22 00:21:16 henning Exp $ */
 
 /*
  * Copyright (c) 2004, 2005, 2006 Esben Norby <norby@openbsd.org>
@@ -660,8 +660,8 @@ check_file_secrecy(int fd, const char *fname)
 		log_warnx("%s: owner not root or current user", fname);
 		return (-1);
 	}
-	if (st.st_mode & (S_IRWXG | S_IRWXO)) {
-		log_warnx("%s: group/world readable/writeable", fname);
+	if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
+		log_warnx("%s: group writable or world read/writable", fname);
 		return (-1);
 	}
 	return (0);
author	henning <henning@openbsd.org>	2014-01-22 00:21:16 +0000
committer	henning <henning@openbsd.org>	2014-01-22 00:21:16 +0000
commit	7140c133f0de7533c019c39b5af9a025c9cfeb6d (patch)
tree	9a11e4613af27a10a4bc31cbb8c3ffdd9cbbcfc2 /usr.sbin/dvmrpd
parent	wakeup_n and wakeup_one blurbs (diff)
download	wireguard-openbsd-7140c133f0de7533c019c39b5af9a025c9cfeb6d.tar.xz wireguard-openbsd-7140c133f0de7533c019c39b5af9a025c9cfeb6d.zip