From 6ef7064d32718cc3b93f1c240e5e88c48fa4cf66 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Jul 2009 21:33:26 -0400 Subject: [PATCH] added MONKEYSPHERE_STRICT_MODES environment option to disable permissions checking. --- man/man1/monkeysphere.1 | 5 +++++ man/man8/monkeysphere-authentication.8 | 5 +++++ src/monkeysphere | 1 + src/monkeysphere-authentication | 1 + src/share/common | 4 ++++ src/share/defaultenv | 6 +++++- 6 files changed, 21 insertions(+), 1 deletion(-) diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 1c9217f..76eaf8d 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -168,6 +168,11 @@ Path to ssh authorized_keys file. (~/.ssh/authorized_keys) MONKEYSPHERE_PROMPT If set to `false', never prompt the user for confirmation. (true) .TP +MONKEYSPHERE_STRICT_MODES +If set to `false', ignore too-loose permissions on known_hosts, +authorized_keys, and authorized_user_ids files. NOTE: setting this to +false may expose you to abuse by other users on the system. (true) +.TP MONKEYSPHERE_SUBKEYS_FOR_AGENT A space-separated list of authentication-capable subkeys to add to the ssh agent with subkey-to-ssh-agent. diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8 index a687f4e..572aa6a 100644 --- a/man/man8/monkeysphere-authentication.8 +++ b/man/man8/monkeysphere-authentication.8 @@ -165,6 +165,11 @@ raw authorized_keys file. %h gets replaced with the user's homedir, .TP MONKEYSPHERE_PROMPT If set to `false', never prompt the user for confirmation. (true) +.TP +MONKEYSPHERE_STRICT_MODES +If set to `false', ignore too-loose permissions on known_hosts, +authorized_keys, and authorized_user_ids files. NOTE: setting this to +false may expose users to abuse by other users on the system. (true) .SH FILES diff --git a/src/monkeysphere b/src/monkeysphere index 341b9fd..4750533 100755 --- a/src/monkeysphere +++ b/src/monkeysphere 
@@ -197,6 +197,7 @@ PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS} HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS} AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS} +STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES} # other variables not in config file AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"} diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index b37949e..df7d9bc 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -125,6 +125,7 @@ MONKEYSPHERE_GROUP=$(get_primary_group "$MONKEYSPHERE_USER") PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS} RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS} +STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES} # other variables REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} diff --git a/src/share/common b/src/share/common index 3f71719..cad2572 100644 --- a/src/share/common +++ b/src/share/common @@ -424,6 +424,10 @@ check_key_file_permissions() { uname="$1" path="$2" + if [ "$STRICT_MODES" = 'false' ] ; then + log debug "skipping path permission check for '$path' because STRICT_MODES is false..." + return 0 + fi log debug "checking path permission '$path'..." # rewrite path if it points to a symlink diff --git a/src/share/defaultenv b/src/share/defaultenv index b54a518..501478f 100644 --- a/src/share/defaultenv +++ b/src/share/defaultenv 
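Review bot: In src/monkeysphere-authentication, `STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}` lets the caller's environment override the configured value, and in this tool the setting governs checks on other users' files (the man8 text says "may expose users"), not the caller's own. If the script is ever started through a wrapper or scheduler that passes on an environment the administrator does not control (not visible in this hunk), the check can be switched off for every account processed without any change to the config file. A comment above the line would make that explicit, for example `# NOTE: the environment overrides the config file here; leave MONKEYSPHERE_STRICT_MODES unset in cron/sudo environments unless loose permissions are intended`. The same assignment in src/monkeysphere appears to affect only the invoking user's own files.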
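Review bot: In src/share/common, the new early return in check_key_file_permissions reports the bypass only at `debug` level, so with the default `LOG_LEVEL="INFO"` shown in src/share/defaultenv nothing records that a permission check was skipped. Because this switch removes a protection against other local users altering known_hosts, authorized_keys or authorized_user_ids, the skip should be visible by default, e.g. `log info "skipping path permission check for '$path' because STRICT_MODES is false..."` (assuming `info` is a level `log` accepts, as the INFO default suggests). The comparison with the literal string 'false' fails safe, since any other value keeps the check on; a one-line comment above the `if` saying so would stop a later edit from loosening it. The function body continues outside the hunk.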
@@ -18,9 +18,13 @@ LOG_LEVEL="INFO" # default keyserver KEYSERVER="pool.sks-keyservers.net" -# whether or not to check keyservers by defaul +# whether or not to check keyservers by default CHECK_KEYSERVER="true" +# whether or not to care about extra write bits on sensitive files +# like known_hosts, authorized_keys, and authorized_user_ids +STRICT_MODES="true" + # default monkeysphere user MONKEYSPHERE_USER="monkeysphere" -- 2.25.1
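Review bot: The comment added above `STRICT_MODES="true"` in src/share/defaultenv speaks of "extra write bits", while both man pages in this patch describe the option as ignoring "too-loose permissions", and it does not say which value turns the check off. Since check_key_file_permissions skips the check only for the exact string 'false', the comment should state that, so that values like `no` or `0` are not assumed to work. Suggested wording: `# whether to reject known_hosts, authorized_keys and authorized_user_ids files with too-loose permissions; only the exact value "false" disables the check`.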