diff options
Diffstat (limited to 'src/fids/main.c')
-rw-r--r-- | src/fids/main.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/src/fids/main.c b/src/fids/main.c index c899b55e1..8f9bc1ea0 100644 --- a/src/fids/main.c +++ b/src/fids/main.c | |||
@@ -210,22 +210,29 @@ static void process_config(const char *fname) { | |||
210 | exit(1); | 210 | exit(1); |
211 | } | 211 | } |
212 | 212 | ||
213 | // make sure the file is owned by root | 213 | fprintf(stderr, "Opening config file %s\n", fname); |
214 | struct stat s; | 214 | int fd = open(fname, O_RDONLY|O_CLOEXEC); |
215 | if (stat(fname, &s)) { | 215 | if (fd < 0) { |
216 | if (include_level == 1) { | 216 | if (include_level == 1) { |
217 | fprintf(stderr, "Error ids: config file not found\n"); | 217 | fprintf(stderr, "Error ids: cannot open config file %s\n", fname); |
218 | exit(1); | 218 | exit(1); |
219 | } | 219 | } |
220 | return; | 220 | return; |
221 | } | 221 | } |
222 | |||
223 | // make sure the file is owned by root | ||
224 | struct stat s; | ||
225 | if (fstat(fd, &s)) { | ||
226 | fprintf(stderr, "Error ids: cannot stat config file %s\n", fname); | ||
227 | exit(1); | ||
228 | } | ||
222 | if (s.st_uid || s.st_gid) { | 229 | if (s.st_uid || s.st_gid) { |
223 | fprintf(stderr, "Error ids: config file not owned by root\n"); | 230 | fprintf(stderr, "Error ids: config file not owned by root\n"); |
224 | exit(1); | 231 | exit(1); |
225 | } | 232 | } |
226 | 233 | ||
227 | fprintf(stderr, "Loading %s config file\n", fname); | 234 | fprintf(stderr, "Loading config file %s\n", fname); |
228 | FILE *fp = fopen(fname, "r"); | 235 | FILE *fp = fdopen(fd, "r"); |
229 | if (!fp) { | 236 | if (!fp) { |
230 | fprintf(stderr, "Error fids: cannot open config file %s\n", fname); | 237 | fprintf(stderr, "Error fids: cannot open config file %s\n", fname); |
231 | exit(1); | 238 | exit(1); |