This function does some basic security checking on a given path. It is intended to be used by processes running with root privileges in order to decide whether or not to trust the contents of a given file. It uses a method often used to detect system compromise.
A file is considered 'secure' if it meets the following conditions:
- The file exists, and is a regular file (not a symlink, device special or named pipe, etc.),
- Is not world writable.
- Is owned by the given uid or uid 0, if uid is not -1,
- Is not group writable or it has group ownership by the given gid, if gid is not -1.