X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;ds=sidebyside;f=src%2Fmonkeysphere;h=cfd57357c6e9c4906ea3e14b1c8f9b43808c5af2;hb=13298a58b39438ae9892194578b8b8f3d3b6013a;hp=a25fd6a64257a780fc6628842f119218a1f198ee;hpb=5fadec09dcd44c4dcad657a0f3d96878b592b77b;p=monkeysphere.git

diff --git a/src/monkeysphere b/src/monkeysphere
index a25fd6a..cfd5735 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -24,6 +24,9 @@ unset GREP_OPTIONS
 # default return code
 RETURN=0
 
+# set the file creation mask to be only owner rw
+umask 077
+
 ########################################################################
 # FUNCTIONS
 ########################################################################
@@ -204,6 +207,10 @@ case $COMMAND in
     'update-known_hosts'|'update-known-hosts'|'k')
 	MODE='known_hosts'
 
+	if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then
+	    failure "Improper permissions on known_hosts file."
+	fi
+
         # if hosts are specified on the command line, process just
         # those hosts
 	if [ "$1" ] ; then
@@ -227,7 +234,11 @@ case $COMMAND in
 
         # fail if the authorized_user_ids file is empty
 	if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
-	    failure "$AUTHORIZED_USER_IDS is empty or does not exist."
+	    failure "authorized_user_ids file '$AUTHORIZED_USER_IDS' is empty or does not exist."
+	fi
+
+	if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then
+	    failure "Improper permissions on authorized_user_ids file."
 	fi
 
 	# process authorized_user_ids file