added MONKEYSPHERE_STRICT_MODES environment option to disable permissions checking.
author
Daniel Kahn Gillmor
<dkg@fifthhorseman.net>
Mon, 27 Jul 2009 01:33:26 +0000
(21:33 -0400)
committer
Daniel Kahn Gillmor
<dkg@fifthhorseman.net>
Mon, 27 Jul 2009 01:33:26 +0000
(21:33 -0400)
man/man1/monkeysphere.1
man/man8/monkeysphere-authentication.8
src/monkeysphere
src/monkeysphere-authentication
src/share/common
src/share/defaultenv
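--- a/man/man1/monkeysphere.1
+++ b/man/man1/monkeysphere.1
@@ -168,6 +168,11 @@ Path to ssh authorized_keys file. (~/.ssh/authorized_keys)
 MONKEYSPHERE_PROMPT
 If set to `false', never prompt the user for confirmation. (true)
 .TP
+MONKEYSPHERE_STRICT_MODES
+If set to `false', ignore too-loose permissions on known_hosts,
+authorized_keys, and authorized_user_ids files. NOTE: setting this to
+false may expose you to abuse by other users on the system. (true)
+.TP
 MONKEYSPHERE_SUBKEYS_FOR_AGENT
 A space-separated list of authentication-capable subkeys to add to the
 ssh agent with subkey-to-ssh-agent.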
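--- a/man/man8/monkeysphere-authentication.8
+++ b/man/man8/monkeysphere-authentication.8
@@ -165,6 +165,11 @@ raw authorized_keys file. %h gets replaced with the user's homedir,
 .TP
 MONKEYSPHERE_PROMPT
 If set to `false', never prompt the user for confirmation. (true)
+.TP
+MONKEYSPHERE_STRICT_MODES
+If set to `false', ignore too-loose permissions on known_hosts,
+authorized_keys, and authorized_user_ids files. NOTE: setting this to
+false may expose users to abuse by other users on the system. (true)
 .SH FILES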
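--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -197,6 +197,7 @@ PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
 KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS}
 HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS}
 AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS}
+STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}
 # other variables not in config file
 AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"}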
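Review bot: The added `STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}` line takes any string from the environment, while the only consumer visible in this commit, `check_key_file_permissions` in src/share/common, compares against the exact lowercase `false`. That fails safe, because values such as `False` or `no` leave the permission check on, but nothing tells the user that such a setting was not honoured. A comment on the line would make the contract explicit, for example `# only the exact string 'false' disables permission checks; any other value keeps them on`. The same line is added in src/monkeysphere-authentication.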
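--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -125,6 +125,7 @@ MONKEYSPHERE_GROUP=$(get_primary_group "$MONKEYSPHERE_USER")
 PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
 AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS}
 RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS}
+STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}
 # other variables
 REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}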
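Review bot: The new `STRICT_MODES` assignment reads the same variable name, `MONKEYSPHERE_STRICT_MODES`, that src/monkeysphere reads, and the `:=` form lets the environment take precedence over the configured value. An export made for the per-user client in a shell that later runs this tool would therefore switch the permission checks off here as well. The man8 text in this commit describes the result as exposing users to abuse by other users on the system. The line should carry a comment saying so, for example `# NOTE: inherited from the environment; 'false' here disables permission checks on the files this tool processes`, and the man page could state that the value is better set deliberately per invocation than exported.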
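--- a/src/share/common
+++ b/src/share/common
@@ -424,6 +424,10 @@ check_key_file_permissions() {
 uname="$1"
 path="$2"
+ if [ "$STRICT_MODES" = 'false' ] ; then
+ log debug "skipping path permission check for '$path' because STRICT_MODES is false..."
+ return 0
+ fi
 log debug "checking path permission '$path'..."
 # rewrite path if it points to a symlink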
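Review bot: The bypass added at the top of `check_key_file_permissions` is reported only at `debug` level, while src/share/defaultenv sets `LOG_LEVEL="INFO"`, so under default logging there is presumably no record that the permission check on known_hosts, authorized_keys or authorized_user_ids was skipped. Because the branch returns 0, callers cannot tell "checked and acceptable" from "not checked". Logging the skip at a level shown by default, for example `log info "skipping path permission check for '$path' because STRICT_MODES is false..."` (assuming `info` is a level `log` accepts), would leave a trace for anyone auditing why a loosely-permissioned file was accepted. The function body continues past the end of the hunk.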
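--- a/src/share/defaultenv
+++ b/src/share/defaultenv
@@ -18,9 +18,13 @@ LOG_LEVEL="INFO"
 # default keyserver
 KEYSERVER="pool.sks-keyservers.net"
-# whether or not to check keyservers by defaul
+# whether or not to check keyservers by default
 CHECK_KEYSERVER="true"
+# whether or not to care about extra write bits on sensitive files
+# like known_hosts, authorized_keys, and authorized_user_ids
+STRICT_MODES="true"
+
 # default monkeysphere user
 MONKEYSPHERE_USER="monkeysphere"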