Beispiel #1
0
func CheckPerm(filename string) {
	Info.Println("using cgo to perform security check on ", filename)
	statstruct := C.stat //stat struct from C
	Info.Println("Initiated stat struct")
	path := C.CString(filename)
	Info.Println("Converted native string to C.CString")
	st := *(*C.struct_stat)(unsafe.Pointer(statstruct)) //Casting unsafe pointer to C.struct_stat
	Info.Println("Casting unsafe.Pointer(stat) to *(*C.struct_stat)")
	defer C.free(unsafe.Pointer(path)) //free the C.CString that is created in heap.
	C.stat(path, &st)
	uid := st.st_uid
	gid := st.st_gid
	if uid != 0 || gid != 0 {
		fmt.Println(filename, "not owned by root. Make it owned by root, and make it non-readable to groups and others.")
		Info.Println(filename, "not owned by root. Make it owned by root, and make it non-readable to groups and others.")
		os.Exit(1)
	}
	if st.st_mode&C.S_IRGRP > 0 || st.st_mode&C.S_IWGRP > 0 || st.st_mode&C.S_IXGRP > 0 ||
		st.st_mode&C.S_IROTH > 0 || st.st_mode&C.S_IWOTH > 0 || st.st_mode&C.S_IXOTH > 0 {
		fmt.Println(filename, "file permission too broad, make it non-readable to groups and others.")
		Info.Println(filename, "file permission too broad, make it non-readable to groups and others.")
		os.Exit(1)
	}
	Info.Println("File permission looks secure")
}
Beispiel #2
0
func Size(name string) (int64, os.Error) {
	var st C.struct_stat
	p := C.CString(name)
	_, err := C.stat(p, &st)
	C.free(unsafe.Pointer(p))
	if err != nil {
		return 0, err
	}
	return int64(C.ulong(st.st_size)), nil
}