From c1463b4a1814c668454ed9401d75482f9bbc7885 Mon Sep 17 00:00:00 2001
From: Shreya <shreya.malviya@gmail.com>
Date: Thu, 3 Jun 2021 16:11:33 +0530
Subject: [PATCH] Implement `has_sufficient_permissions` function for checking
 certificate files

---
 .../cc/setup/certificate/certificate_setup.py       | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/monkey/monkey_island/cc/setup/certificate/certificate_setup.py b/monkey/monkey_island/cc/setup/certificate/certificate_setup.py
index 959025e03..2cb2f1e03 100644
--- a/monkey/monkey_island/cc/setup/certificate/certificate_setup.py
+++ b/monkey/monkey_island/cc/setup/certificate/certificate_setup.py
@@ -14,10 +14,17 @@ def setup_certificate(config_options: IslandConfigOptions) -> (str, str):
             raise FileNotFoundError(f"File not found at {file}. Exiting.")
 
         if not has_sufficient_permissions(file):
-            raise InsecurePermissionsError(f"{file} has insecure permissions. Exiting.")
+            raise InsecurePermissionsError(
+                f"{file} has insecure permissions. Required permissions: r--------. Exiting."
+            )
 
     return crt_path, key_path
 
 
-def has_sufficient_permissions():
-    pass
+def has_sufficient_permissions(path: str) -> bool:
+    required_permissions = "0o400"
+
+    file_mode = os.stat(path).st_mode
+    file_permissions = oct(file_mode & 0o777)
+
+    return file_permissions == required_permissions