From 71f6f53bbf71b1c1e1be8516dcc24e3ece44cd72 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Fri, 29 Jul 2016 08:00:52 -0400
Subject: config file fix

---
 src/firejail/checkcfg.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c
index 6929988ae..7de491f5f 100644
--- a/src/firejail/checkcfg.c
+++ b/src/firejail/checkcfg.c
@@ -58,6 +58,15 @@ int checkcfg(int val) {
 #endif	
 		}
 		
+		// if the file exists, it should be owned by root
+		struct stat s;
+		if (stat(fname, &s) == -1)
+			errExit("stat");
+		if (s.st_uid != 0 || s.st_gid != 0) {
+			fprintf(stderr, "Error: configuration file should be owned by root\n");
+			exit(1);
+		}
+
 		// read configuration file
 		char buf[MAX_READ];
 		while (fgets(buf,MAX_READ, fp)) {
-- 
cgit v1.2.3-70-g09d2