- (void)fstat(fileno(hostf), &sbuf);
- if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) {
+ /*
+ * if owned by someone other than user or root or if
+ * writeable by anyone but the owner, quit
+ */
+ if (fstat(fileno(hostf), &sbuf) ||
+ sbuf.st_uid && sbuf.st_uid != pwd->pw_uid ||
+ sbuf.st_mode&022) {