cybersecurity · intermediate · ~15 min · safe pentest lab

Check local file permissions

Read POSIX permission bits via stat.

Challenge

Implement int is_secret_file_safe(const char *path) returning:

  • 1 if the file at path is mode 600 (read+write owner only),
  • 0 if it exists but has any other permission bits set,
  • -1 if it can't be stat'd.

Detects accidentally world-readable secret files — a common cause of credential leaks in misconfigured deployments.

Starter code

#include <sys/stat.h>
#include <stdio.h>

int is_secret_file_safe(const char *path) {
    /* TODO */
    return -1;
}

Solve this exercise in the browser editor — compile and run against the test harness, no setup required.