+ /*
+ * Now handle commands that do involve connecting to a running tinc daemon.
+ * Authenticate the server by ensuring the parent directory can be
+ * traversed only by root. Note this is not totally race-free unless all
+ * ancestors are writable only by trusted users, which we don't verify.
+ */
+
+ struct stat statbuf;
+ char *lastslash = strrchr(controlsocketname, '/');
+ if(lastslash != NULL) {
+ /* control socket is not in cwd; stat its parent */
+ *lastslash = 0;
+ result = stat(controlsocketname, &statbuf);
+ *lastslash = '/';
+ } else
+ result = stat(".", &statbuf);
+
+ if(result < 0) {
+ fprintf(stderr, "Unable to check control socket directory permissions: %s\n", strerror(errno));
+ return 1;
+ }
+
+ if(statbuf.st_uid != 0 || (statbuf.st_mode & S_IXOTH) != 0 || (statbuf.st_gid != 0 && (statbuf.st_mode & S_IXGRP)) != 0) {
+ fprintf(stderr, "Insecure permissions on control socket directory\n");
+ return 1;
+ }