From 4edf024f5ff7744c401aff98e1014e3e4571ca74 Mon Sep 17 00:00:00 2001 From: Davide Madrisan Date: Sat, 10 Nov 2012 21:42:10 +0100 Subject: [PATCH] libcfg.lib: do not check for configuration files groups and permissions Signed-off-by: Davide Madrisan --- ChangeLog | 6 ++++++ lib/libcfg.lib.in | 9 --------- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index c743a36..cd11a0e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,6 +27,12 @@ Changes in version 1.14.2 Remove the variable 'rpmbuild_group': it's no more needed. Personal data is located in the files ~/.autospec and ~/.autospec.d/*.conf ++ update + * lib/libcfg.lib - Davide Madrisan: + config.security(): do not check for configuration files groups and + permissions. These files are now own by root and never contain sensible + data (that is passwords). + ------------------------------------------------------------------------------- Changes in version 1.14.1 - _TO*Hacklab release diff --git a/lib/libcfg.lib.in b/lib/libcfg.lib.in index 8f2bdaf..e7aa657 100644 --- a/lib/libcfg.lib.in +++ b/lib/libcfg.lib.in @@ -61,15 +61,6 @@ function config.security() { [ "$(groups 2>/dev/null | grep $packager_group 2>/dev/null)" ] || notify.error $"\ user \`$(id -nu)' does not belong to group \`$packager_group'" - - # security check for configuration file(s) groups and permissions - for f in ${default_cfg[0]}; do - cfg_file_mod=(`find $f -printf "%g %m" 2>/dev/null`) - [[ ${cfg_file_mod[0]} = $packager_group && - "`expr ${cfg_file_mod[1]} : '.*\(.\)'`" = 0 ]] || - notify.warning $"\ -the file \`$f' should be readable only by the group \`$packager_group'" - done else notify.warning "\`packager_group' "$"unset in the configuration files" fi