Added file permission check function, and fixed bug in key writing for
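--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -24,6 +24,9 @@ unset GREP_OPTIONS
 # default return code
 RETURN=0
+# set the file creation mask to be only owner rw
+umask 077
+
 ########################################################################
 # FUNCTIONS
 ########################################################################
@@ -204,6 +207,10 @@ case $COMMAND in
 'update-known_hosts'|'update-known-hosts'|'k')
 MODE='known_hosts'
+ if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then
+ failure "Improper permissions on known_hosts file."
+ fi
+
 # if hosts are specified on the command line, process just
 # those hosts
 if [ "$1" ] ; then
@@ -227,7 +234,11 @@ case $COMMAND in
 # fail if the authorized_user_ids file is empty
 if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
- failure "$AUTHORIZED_USER_IDS is empty or does not exist."
+ failure "authorized_user_ids file '$AUTHORIZED_USER_IDS' is empty or does not exist."
+ fi
+
+ if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then
+ failure "Improper permissions on authorized_user_ids file."
 fi
 # process authorized_user_ids file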
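Review bot: The new known_hosts check in the `update-known_hosts` branch runs before anything visible in the hunk establishes that "$KNOWN_HOSTS" exists, whereas the authorized_user_ids check is placed after the `[ ! -s "$AUTHORIZED_USER_IDS" ]` test. check_key_file_permissions is defined outside this file section, so this is inferred, but if it returns non-zero for a missing file, a first run would stop with "Improper permissions" instead of creating the file under the new `umask 077`; `if [ -e "$KNOWN_HOSTS" ] && ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then` would keep the check for files that already exist. Both new failure messages also omit the path that the reworded empty-file message now prints, e.g. `failure "Improper permissions on known_hosts file '$KNOWN_HOSTS'."`. `$USER` comes from the environment and can be unset or stale under su or cron, so passing `"$(id -un)"` would tie the ownership check to the account the script actually runs as. The `case $COMMAND in` body starts and ends outside these hunks.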