From d45c604fec211ec969533771b83c5c94e0a5ed05 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Tue, 28 Oct 2008 14:37:04 -0400 Subject: [PATCH] fix bugs in authorized_* file permission checking. --- debian/changelog | 6 ++++++ debian/control | 2 +- src/common | 33 ++++++++++++++++++++------------- src/monkeysphere | 8 ++------ src/monkeysphere-server | 6 +++--- 5 files changed, 32 insertions(+), 23 deletions(-) diff --git a/debian/changelog b/debian/changelog index 83253a6..3131902 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +monkeysphere (0.18-1) UNRELEASED; urgency=low + + * Fix bugs in authorized_{user_ids,keys} file permission checking. + + -- Jameson Graef Rollins Tue, 28 Oct 2008 14:36:16 -0400 + monkeysphere (0.17-1) experimental; urgency=low [ Jameson Graef Rollins ] diff --git a/debian/control b/debian/control index 8f5aeef..efd734b 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: monkeysphere Section: net Priority: extra Maintainer: Daniel Kahn Gillmor -Uploaders: Jameson Rollins +Uploaders: Jameson Graef Rollins Build-Depends: debhelper (>= 7.0), libgnutls-dev (>= 2.4.0) Standards-Version: 3.8.0.1 Homepage: http://web.monkeysphere.info/ diff --git a/src/common b/src/common index 5d92b26..68a69e9 100644 --- a/src/common +++ b/src/common @@ -24,7 +24,7 @@ export SYSCONFIGDIR # failure function. exits with code 255, unless specified otherwise. failure() { - echo "$1" >&2 + [ "$1" ] && echo "$1" >&2 exit ${2:-'255'} } @@ -393,8 +393,9 @@ test_gpg_expire() { # check that a file is properly owned, and that all it's parent # directories are not group/other writable check_key_file_permissions() { - local user + local uname local path + local stat local access local gAccess local oAccess @@ -404,30 +405,36 @@ check_key_file_permissions() { [ "$1" = "w" ] } - user="$1" + uname="$1" path="$2" - # return 0 is path does not exist - [ -e "$path" ] || return 0 + # return 255 if cannot stat file + if ! stat=$(ls -ld "$path" 2>/dev/null) ; then + log error "could not stat path '$path'." + return 255 + fi - owner=$(ls -l "$path" | awk '{ print $3 }') - gAccess=$(ls -l "$path" | cut -c6) - oAccess=$(ls -l "$path" | cut -c9) + owner=$(echo "$stat" | awk '{ print $3 }') + gAccess=$(echo "$stat" | cut -c6) + oAccess=$(echo "$stat" | cut -c9) - # check owner - if [ "$owner" != "$user" -a "$owner" != 'root' ] ; then + # return 1 if path has invalid owner + if [ "$owner" != "$uname" -a "$owner" != 'root' ] ; then + log error "improper ownership on path '$path'." return 1 fi - # check group/other writability + # return 2 if path has group or other writability if is_write "$gAccess" || is_write "$oAccess" ; then + log error "improper group or other writability on path '$path'." return 2 fi + # return zero if all clear, or go to next path if [ "$path" = '/' ] ; then return 0 else - check_key_file_permissions $(dirname "$path") + check_key_file_permissions "$uname" $(dirname "$path") fi } @@ -1018,7 +1025,7 @@ process_authorized_user_ids() { log debug "processing authorized_user_ids file..." if ! meat "$authorizedUserIDs" > /dev/null ; then - log debug "no user IDs to process." + log debug " no user IDs to process." return fi diff --git a/src/monkeysphere b/src/monkeysphere index dd689b5..5703995 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -347,14 +347,10 @@ case $COMMAND in MODE='authorized_keys' # check permissions on the authorized_user_ids file path - if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then - failure "Improper permissions on authorized_user_ids file path." - fi + check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" || failure # check permissions on the authorized_keys file path - if ! check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" ; then - failure "Improper permissions on authorized_keys file path." - fi + check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure # exit if the authorized_user_ids file is empty if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 6ca6a4f..617c10a 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -213,7 +213,7 @@ update_users() { ". ${SYSSHAREDIR}/common; process_authorized_user_ids $TMP_AUTHORIZED_USER_IDS" RETURN="$?" else - log error "Improper permissions on path '$AUTHORIZED_USER_IDS'." + log verbose "not processing authorized_user_ids." fi fi @@ -226,7 +226,7 @@ update_users() { log verbose "adding raw authorized_keys file... " cat "$rawAuthorizedKeys" >> "$AUTHORIZED_KEYS" else - log error "Improper permissions on path '$RAW_AUTHORIZED_KEYS'. Not added to authorized_keys file." + log verbose "not adding raw authorized_keys file." fi fi @@ -371,7 +371,7 @@ EOF (umask 077 && \ gpg_host --export-secret-key "$fingerprint" | \ openpgp2ssh "$fingerprint" > "${SYSDATADIR}/ssh_host_rsa_key") - log info "Private SSH host key output to file: ${SYSDATADIR}/ssh_host_rsa_key" + log info "private SSH host key output to file: ${SYSDATADIR}/ssh_host_rsa_key" } # extend the lifetime of a host key: -- 2.26.2