From 273e14dda135a58b834a5a8dc005f0c26f3711e7 Mon Sep 17 00:00:00 2001 From: René 'Necoro' Neumann Date: Fri, 12 May 2023 20:52:49 +0200 Subject: Issue #95 Add warning when config can be read globally. --- pkg/config/config.go | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'pkg/config/config.go') diff --git a/pkg/config/config.go b/pkg/config/config.go index a7c540f..0d2c944 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -125,6 +125,17 @@ func Load(path string) (*Config, error) { return nil, fmt.Errorf("while opening '%s': %w", path, err) } + defer f.Close() + + stat, err := f.Stat() + if err != nil { + return nil, fmt.Errorf("while getting stats of '%s': %w", path, err) + } + + if stat.Mode().Perm()&0004 != 0 { + log.Warnf("Config file '%s' can be read by anyone. As this contains your IMAP credentials, you are advised to remove global read access.", path) + } + cfg := WithDefault() if err = cfg.parse(f); err != nil { return nil, fmt.Errorf("while parsing: %w", err) -- cgit v1.2.3-70-g09d2