[w3m-dev 03374] disable_secret_security_check

* etc.c (openSecurityFile): disable_secret_security_check
* fm.h (disable_secret_security_check): added
* rc.c (CMT_DISABLE_SECRET_SECURITY_CHECK): added
	(disable_secret_security_check): added
* NEWS: rc: disable_secret_security_check
From: Fumitoshi UKAI  <ukai@debian.or.jp>

1 files changed, 10 insertions, 2 deletions

diff --git a/etc.c b/etc.c
index 00ec3e2..74c9def 100644
--- a/etc.c
+++ b/etc.c
@@ -1,4 +1,4 @@
-/* $Id: etc.c,v 1.32 2002/11/05 17:12:02 ukai Exp $ */
+/* $Id: etc.c,v 1.33 2002/11/05 17:54:39 ukai Exp $ */
 #include "fm.h"
 #include <pwd.h>
 #include "myctype.h"
@@ -1047,8 +1047,16 @@ openSecretFile(char *fname)
 
     /* check permissions, if group or others readable or writable,
      * refuse it, because it's insecure.
+     *
+     * XXX: disable_secret_security_check will introduce some
+     *    security issues, but on some platform such as Windows
+     *	  it's not possible (or feasible) to disable group|other
+     *    readable and writable.
+     *	 [w3m-dev 03368][w3m-dev 03369][w3m-dev 03370]
      */
-    if ((st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
+    if (disable_secret_security_check)
+	/* do nothing */ ;
+    else if ((st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
 	if (fmInitialized) {
 	    message(Sprintf(FILE_IS_READABLE_MSG, fname)->ptr, 0, 0);
 	    refresh();