mirror of
https://github.com/systemd/systemd.git
synced 2024-10-27 18:55:40 +03:00
cryptsetup: only warn on real key files
Simplify the check from commit 05f73ad
to only apply the warning to regular
files instead of enumerating device nodes.
This commit is contained in:
parent
d109a95f3d
commit
3f4d56a069
@ -624,10 +624,8 @@ int main(int argc, char *argv[]) {
|
||||
|
||||
/* Ideally we'd do this on the open fd, but since this is just a
|
||||
* warning it's OK to do this in two steps. */
|
||||
if (stat(key_file, &st) >= 0 && (st.st_mode & 0005)) {
|
||||
if(!STR_IN_SET(key_file, "/dev/urandom", "/dev/random", "/dev/hw_random"))
|
||||
log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
|
||||
}
|
||||
if (stat(key_file, &st) >= 0 && S_ISREG(st.st_mode) && (st.st_mode & 0005))
|
||||
log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
|
||||
}
|
||||
|
||||
for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) {
|
||||
|
Loading…
Reference in New Issue
Block a user