Index: /server/common/oursrc/accountadm/admof.c
===================================================================
--- /server/common/oursrc/accountadm/admof.c	(revision 579)
+++ /server/common/oursrc/accountadm/admof.c	(revision 580)
@@ -14,5 +14,7 @@
 #include <string.h>
 #include <sys/types.h>
+#include <sys/stat.h>
 #include <pwd.h>
+#include <unistd.h>
 #include <netinet/in.h>
 #include <afs/vice.h>
@@ -97,4 +99,11 @@
 	if (fp == NULL)
 	    die("internal error: .k5login: %m\n");
+	struct stat st;
+	if (fstat(fileno(fp), &st) != 0)
+	    die("internal error: fstat: %m\n");
+	if (st.st_uid != pwd->pw_uid && st.st_uid != 0) {
+	    fclose(fp);
+	    die("internal error: bad .k5login permissions\n");
+	}
 	bool found = false;
 	char *line = NULL;