-rw-r--r-- | CHANGELOG.md | 4 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | src/config.rs | 24 |
3 files changed, 25 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 971d3fa..176a5a0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 ## [Unreleased]
+### Added
+
+* Error if the config contains credentials but is group or world readable.
+
 ### Fixed
 * Changelog 0.1.0 link now references the tag not an arbitrary diff.
@@ -74,8 +74,6 @@ it being ran every time a new MQTT message is published to this topic.
 ## Missing Features
 * Configurable timeouts (eventually configurable per process)
-* Permission checks on `mqttr.toml` if it contains a password (to ensure the
- password isn't being exposed)
 * Configurable QoS for each subscription (default is 0 (at most once))
 * Pass message metadata via the environment (QoS, retain, dup)
 * Configurable logging
diff --git a/src/config.rs b/src/config.rs
index 0f9cff3..00790bd 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -1,8 +1,17 @@
 // SPDX-FileCopyrightText: 2025 Tomasz Kramkowski <tomasz@kramkow.ski>
 // SPDX-License-Identifier: GPL-3.0-or-later
-use std::{collections::HashMap, fs, path::Path, process, time::Duration};
+use std::{
+ collections::HashMap,
+ fs::File,
+ io::Read,
+ os::unix::fs::PermissionsExt,
+ path::Path,
+ process,
+ time::Duration,
+};
+use anyhow::bail;
 use rumqttc::{AsyncClient, EventLoop, MqttOptions};
 use serde::Deserialize;
@@ -54,6 +63,15 @@ impl Config {
 }
 pub fn load<P: AsRef<Path>>(path: P) -> anyhow::Result<Config> {
- let config = fs::read_to_string(&path)?;
- Ok(toml::from_str(&config)?)
+ let mut f = File::open(path)?;
+ let mut config = String::new();
+ f.read_to_string(&mut config)?;
+ let config: Config = toml::from_str(&config)?;
+ if config.credentials.is_some() {
+ let mode = f.metadata()?.permissions().mode();
+ if mode & 0o044 != 0o000 {
+ bail!("Config file contains credentials while being group or world readable.");
+ }
+ }
+ Ok(config)
 }
|
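Review bot: The mask `0o044` in `Config::load` tests only the group/other read bits, so a credentials file that is group- or world-writable but not readable (mode 0o622, for example) passes the check. The config also appears to decide which processes are run for incoming messages (inferred from the README context line and the `process` import), so write access by other users is at least as sensitive as read access. I would widen the test to `if mode & 0o066 != 0 {` and reword the message to "group or world accessible". If write bits and file ownership are deliberately out of scope, say so in a comment such as `// Only read bits are checked; ownership, write bits and ACLs are not verified.` The enclosing `impl Config` block starts outside this hunk, so whether another caller already checks permissions cannot be seen from here.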