diff options
author | Lennart Poettering <lennart@poettering.net> | 2020-07-17 11:53:22 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2020-07-21 09:56:44 +0200 |
commit | f294470262fed5dffbfd055b0054370dc3021662 (patch) | |
tree | a08028360228fe13ee7fb8708d0dd55611778e47 /src/network/netdev | |
parent | 2e3e2750bb85239aad2a02b5f6afa26f1588f5f7 (diff) | |
download | systemd-f294470262fed5dffbfd055b0054370dc3021662.tar.gz |
fileio: add explicit flag for generating world executable warning when reading file
Diffstat (limited to 'src/network/netdev')
-rw-r--r-- | src/network/netdev/macsec.c | 2 | ||||
-rw-r--r-- | src/network/netdev/wireguard.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/network/netdev/macsec.c b/src/network/netdev/macsec.c index 57d8f567b9..ab55a4a489 100644 --- a/src/network/netdev/macsec.c +++ b/src/network/netdev/macsec.c @@ -983,7 +983,7 @@ static int macsec_read_key_file(NetDev *netdev, SecurityAssociation *sa) { (void) warn_file_is_world_accessible(sa->key_file, NULL, NULL, 0); - r = read_full_file_full(AT_FDCWD, sa->key_file, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX, (char **) &key, &key_len); + r = read_full_file_full(AT_FDCWD, sa->key_file, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX | READ_FULL_FILE_WARN_WORLD_READABLE, (char **) &key, &key_len); if (r < 0) return log_netdev_error_errno(netdev, r, "Failed to read key from '%s', ignoring: %m", diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c index b6af9925b7..9636ac7736 100644 --- a/src/network/netdev/wireguard.c +++ b/src/network/netdev/wireguard.c @@ -888,7 +888,7 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_ (void) warn_file_is_world_accessible(filename, NULL, NULL, 0); - r = read_full_file_full(AT_FDCWD, filename, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64, &key, &key_len); + r = read_full_file_full(AT_FDCWD, filename, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_WARN_WORLD_READABLE, &key, &key_len); if (r < 0) return r; |