===================================================================
RCS file: /cvs/cvs/blind/config.c,v
retrieving revision 1.3
retrieving revision 1.7
diff -u -p -r1.3 -r1.7
--- blind/config.c	2022/03/19 06:29:08	1.3
+++ blind/config.c	2022/03/29 20:14:23	1.7
@@ -14,13 +14,17 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include <sys/stat.h>
+
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 
 #include "blind.h"
 #include "log.h"
 
-struct blind * config_init(void);
+struct blind *	config_init(void);
+int		config_perm(int, const char *);
 
 struct blind *
 config_init(void)
@@ -30,10 +34,31 @@ config_init(void)
 	if ((cfg = calloc(1, sizeof(*cfg))) == NULL)
 		return cfg;
 
-        if (strlcpy(cfg->bl_sock, BL_SOCK, PATH_MAX) >= PATH_MAX)
-                log_fatal("socket file name exceeds PATH_MAX");
-        
+	if (strlcpy(cfg->bl_sock, BL_SOCK, PATH_MAX) >= PATH_MAX)
+		log_fatal("socket file name exceeds PATH_MAX");
+
 	cfg->bl_ttl = BL_TTL;
+	cfg->bl_opt = BL_OPT_DEFAULT;
 
 	return cfg;
+}
+
+int
+config_perm(int fd, const char *name)
+{
+        struct stat st;
+
+        if (fstat(fd, &st)) {
+                log_debug("cannot stat config file");
+                return (-1);
+        }
+        if (st.st_uid != 0 && st.st_uid != getuid()) {
+                log_debug("not root or current user owned");
+                return (-1);
+        }
+        if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
+                log_debug("insecure config file");
+                return (-1);
+        }
+        return (0);
 }