diff --git a/package.json b/package.json index 23e47c0..935102d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "wms-core", - "version": "0.16.1", + "version": "0.16.3", "description": "Node web framework", "repository": "git@gitlab.com:ArisuOngaku/wms-core.git", "author": "Alice Gaudon ", diff --git a/src/Application.ts b/src/Application.ts index ddcef9f..889ef73 100644 --- a/src/Application.ts +++ b/src/Application.ts @@ -186,9 +186,11 @@ export default abstract class Application { const fullPath = path.resolve(configDir, file); const stats = fs.lstatSync(fullPath); if (stats.uid !== process.getuid()) - throw new SecurityError(fullPath + ' is not owned by this process (' + process.getuid() + ').'); - if (stats.mode !== 400) - throw new SecurityError(fullPath + ' is not chmod 400.'); + throw new SecurityError(`${fullPath} is not owned by this process (${process.getuid()}).`); + + const mode = (stats.mode & parseInt('777', 8)).toString(8); + if (mode !== '400') + throw new SecurityError(`${fullPath} is ${mode}; should be 400.`); } // Check security fields diff --git a/src/components/MailComponent.ts b/src/components/MailComponent.ts index d42a1d7..38fd8b4 100644 --- a/src/components/MailComponent.ts +++ b/src/components/MailComponent.ts @@ -8,9 +8,9 @@ export default class MailComponent extends ApplicationComponent { public async checkSecuritySettings(): Promise { - if (!config.get('mail.secure')) { - throw new SecurityError('Cannot set mail.secure to false'); - } + // if (!config.get('mail.secure')) { + // throw new SecurityError('Cannot set mail.secure to false'); + // } if (config.get('mail.allow_invalid_tls')) { throw new SecurityError('Cannot set mail.allow_invalid_tls to true'); }