From: Anders Aspegren Søndergaard <andersas@gmail.com>
Date: Mon, 16 Nov 2009 14:43:25 +0000 (+0200)
Subject: wpa_supplicant: Fix ctrl_interface group permissions to allow read/execute
X-Git-Tag: hostap_0_7_0~32
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=libeap.git;a=commitdiff_plain;h=3fd2a226f9dfb1ff5016e4f2809174f4ae8f33eb

wpa_supplicant: Fix ctrl_interface group permissions to allow read/execute

When using umask 0077, the control interface directory was left without
group read/execute permissions even if the configuration file explicitly
asked for the group to be allowed to access the control interface. Fix
this by adding read/execute permissions for group if a specific group is
defined in the configuration. [Bug 199]
---

diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c
index 8c45bd6..2a62713 100644
--- a/wpa_supplicant/ctrl_iface_unix.c
+++ b/wpa_supplicant/ctrl_iface_unix.c
@@ -332,6 +332,14 @@ wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s)
 		goto fail;
 	}
 
+	/* Make sure the group can enter and read the directory */
+	if (gid_set &&
+	    chmod(dir, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP) < 0) {
+		wpa_printf(MSG_ERROR, "CTRL: chmod[ctrl_interface]: %s",
+			   strerror(errno));
+		goto fail;
+	}
+
 	if (os_strlen(dir) + 1 + os_strlen(wpa_s->ifname) >=
 	    sizeof(addr.sun_path)) {
 		wpa_printf(MSG_ERROR, "ctrl_iface path limit exceeded");