+
+#define is_safe_file(p) 1
+
+FILE *ask_and_safe_open(const char* filename, const char* what)
+{
+ FILE *r;
+ char *directory;
+ char *fn;
+ int len;
+
+ /* Check stdin and stdout */
+ if(!isatty(0) || !isatty(1))
+ {
+ /* Argh, they are running us from a script or something. Write
+ the files to the current directory and let them burn in hell
+ for ever. */
+ fn = xstrdup(filename);
+ }
+ else
+ {
+ /* Ask for a file and/or directory name. */
+ fprintf(stdout, _("Please enter a file to save %s to [%s]: "),
+ what, filename);
+ fflush(stdout); /* Don't wait for a newline */
+ if((fn = readline(stdin)) == NULL)
+ {
+ fprintf(stderr, _("Error while reading stdin: %m\n"));
+ return NULL;
+ }
+ if(strlen(fn) == 0)
+ /* User just pressed enter. */
+ fn = xstrdup(filename);
+ }
+
+ if((strchr(fn, '/') == NULL) || (fn[0] != '/'))
+ {
+ /* The directory is a relative path or a filename. */
+ char *p;
+
+ directory = get_current_dir_name();
+ len = strlen(fn) + strlen(directory) + 2; /* 1 for the / */
+ p = xmalloc(len);
+ snprintf(p, len, "%s/%s", directory, fn);
+ free(fn);
+ fn = p;
+ }
+
+ if(!is_safe_file(fn))
+ {
+ fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n"
+ "I will not create or overwrite this file.\n"),
+ fn);
+ return NULL;
+ }
+
+ if((r = fopen(fn, "w")) == NULL)
+ {
+ fprintf(stderr, _("Error opening file `%s': %m\n"),
+ fn);
+ }
+
+ free(fn);
+ free(directory);
+
+ return r;
+}