From d1be231290b3867648ee417fad341fdf1caaa94b Mon Sep 17 00:00:00 2001
From: David Dykstra <dwd@samba.org>
Date: Tue, 24 Nov 1998 19:52:35 +0000
Subject: [PATCH] Make sure secrets file is not other-accessible, and owned by
 root if the daemon is running as root.  Suggested by     Mike Richardson
 <mike@quaking.demon.co.uk>

---
 authenticate.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/authenticate.c b/authenticate.c
index a4835a6d..ba83a899 100644
--- a/authenticate.c
+++ b/authenticate.c
@@ -75,12 +75,31 @@ static int get_secret(int module, char *user, char *secret, int len)
 	int fd, found=0;
 	char line[MAXPATHLEN];
 	char *p, *pass=NULL;
+	STRUCT_STAT st;
+	int ok = 1;
+	extern int am_root;
 
 	if (!fname || !*fname) return 0;
 
 	fd = open(fname,O_RDONLY);
 	if (fd == -1) return 0;
 
+	if (do_stat(fname, &st) == -1) {
+		rprintf(FERROR,"stat(%s) : %s\n", fname, strerror(errno));
+		ok = 0;
+	} else if ((st.st_mode & 06) != 0) {
+		rprintf(FERROR,"secrets file must not be other-accessible\n");
+		ok = 0;
+	} else if (am_root && (st.st_uid != 0)) {
+		rprintf(FERROR,"secrets file must be owned by root when running as root\n");
+		ok = 0;
+	}
+	if (!ok) {
+		rprintf(FERROR,"continuing without secrets file\n");
+		close(fd);
+		return 0;
+	}
+
 	while (!found) {
 		int i = 0;
 		memset(line, 0, sizeof(line));
-- 
2.34.1