aboutsummaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/config.go26
1 files changed, 25 insertions, 1 deletions
diff --git a/config/config.go b/config/config.go
index 736acbf..33623d5 100644
--- a/config/config.go
+++ b/config/config.go
@@ -3,6 +3,7 @@ package config
import (
"errors"
"fmt"
+ "os"
"path"
"regexp"
"strings"
@@ -142,7 +143,11 @@ func LoadConfig(root *string) (*AercConfig, error) {
_root := path.Join(xdg.ConfigHome(), "aerc")
root = &_root
}
- file, err := ini.Load(path.Join(*root, "aerc.conf"))
+ filename := path.Join(*root, "aerc.conf")
+ if err := checkConfigPerms(filename); err != nil {
+ return nil, err
+ }
+ file, err := ini.Load(filename)
if err != nil {
return nil, err
}
@@ -289,3 +294,22 @@ func LoadConfig(root *string) (*AercConfig, error) {
config.Bindings.Global.Globals = false
return config, nil
}
+
+// checkConfigPerms checks for too open permissions
+// printing the fix on stdout and returning an error
+func checkConfigPerms(filename string) error {
+ info, err := os.Stat(filename)
+ if err != nil {
+ return err
+ }
+ perms := info.Mode().Perm()
+ goPerms := perms >> 3
+ // group or others have read access
+ if goPerms&0x44 != 0 {
+ fmt.Printf("The file %v has too open permissions.\n", filename)
+ fmt.Println("This is a security issue (it contains passwords).")
+ fmt.Printf("To fix it, run `chmod 600 %v`\n", filename)
+ return errors.New("account.conf permissions too lax")
+ }
+ return nil
+}