gentoo-overlay/net-dns/ddclient/files/ddclient-reasonable-security.patch

--- ddclient	2006-04-11 10:14:16.000000000 +0100
+++ ddclient	2006-04-11 20:31:14.000000000 +0100
@@ -776,15 +776,10 @@
 	# fatal("Cannot open file '%s'. ($!)", $file);
 	warning("Cannot open file '%s'. ($!)", $file);
     }
-    # Check for only owner has any access to config file
+    # Guard against world-readability of config file
     my ($dev, $ino, $mode, @statrest) = stat(FD);
-    if ($mode & 077) {                          
-	if (-f FD && (chmod 0600, $file)) {
-	    warning("file $file must be accessible only by its owner (fixed).");
-	} else {
-	    # fatal("file $file must be accessible only by its owner.");
-	    warning("file $file must be accessible only by its owner.");
-	}
+    if ($mode & 007) {
+		fatal("Must not be world-accessible\nchange its permissions using e.g.\nchmod 640", $file);
     }
 
     local $lineno       = 0;
added latest version of ddclient, including my patch for everydns.net-support 2007-12-18 00:43:37 +01:00			`--- ddclient 2006-04-11 10:14:16.000000000 +0100`
			`+++ ddclient 2006-04-11 20:31:14.000000000 +0100`
			`@@ -776,15 +776,10 @@`
			`# fatal("Cannot open file '%s'. ($!)", $file);`
			`warning("Cannot open file '%s'. ($!)", $file);`
			`}`
			`- # Check for only owner has any access to config file`
			`+ # Guard against world-readability of config file`
			`my ($dev, $ino, $mode, @statrest) = stat(FD);`
			`- if ($mode & 077) {`
			`- if (-f FD && (chmod 0600, $file)) {`
			`- warning("file $file must be accessible only by its owner (fixed).");`
			`- } else {`
			`- # fatal("file $file must be accessible only by its owner.");`
			`- warning("file $file must be accessible only by its owner.");`
			`- }`
			`+ if ($mode & 007) {`
			`+ fatal("Must not be world-accessible\nchange its permissions using e.g.\nchmod 640", $file);`
			`}`

			`local $lineno = 0;`