From: Duncaen <mail@duncano.de>
Date: Tue, 12 Dec 2017 01:17:09 +0000 (+0100)
Subject: persist_timestamp: don't allow og+rwx permission for timestamp directory
X-Git-Tag: v6.6~54
X-Git-Url: https://git.armaanb.net/?p=opendoas.git;a=commitdiff_plain;h=ef627e6d9df4eac6de11de4bcf4669823a424ad4

persist_timestamp: don't allow og+rwx permission for timestamp directory
---

diff --git a/persist_timestamp.c b/persist_timestamp.c
index d4ffdd3..c608dca 100644
--- a/persist_timestamp.c
+++ b/persist_timestamp.c
@@ -147,7 +147,7 @@ check:
 
 	if ((st.st_mode & S_IFMT) != S_IFDIR)
 		errx(1, "timestamp directory is not a directory");
-	if ((st.st_mode & (S_IWGRP|S_IRGRP|S_IWOTH|S_IROTH)) != 0)
+	if ((st.st_mode & (S_IWGRP|S_IRGRP|S_IXGRP|S_IWOTH|S_IROTH|S_IXOTH)) != 0)
 		errx(1, "timestamp directory permissions wrong");
 	if (st.st_uid != 0 || st.st_gid != 0)
 		errx(1, "timestamp directory is not owned by root");