added MONKEYSPHERE_STRICT_MODES environment option to disable permissions checking.

6 files changed, 21 insertions, 1 deletions

diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1
index 1c9217f..76eaf8d 100644
--- a/man/man1/monkeysphere.1
+++ b/man/man1/monkeysphere.1
@@ -168,6 +168,11 @@ Path to ssh authorized_keys file. (~/.ssh/authorized_keys)
 MONKEYSPHERE_PROMPT
 If set to `false', never prompt the user for confirmation. (true)
 .TP
+MONKEYSPHERE_STRICT_MODES
+If set to `false', ignore too-loose permissions on known_hosts,
+authorized_keys, and authorized_user_ids files.  NOTE: setting this to
+false may expose you to abuse by other users on the system. (true)
+.TP
 MONKEYSPHERE_SUBKEYS_FOR_AGENT
 A space-separated list of authentication-capable subkeys to add to the
 ssh agent with subkey-to-ssh-agent.
diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8
index a687f4e..572aa6a 100644
--- a/man/man8/monkeysphere-authentication.8
+++ b/man/man8/monkeysphere-authentication.8
@@ -165,6 +165,11 @@ raw authorized_keys file.  %h gets replaced with the user's homedir,
 .TP
 MONKEYSPHERE_PROMPT
 If set to `false', never prompt the user for confirmation. (true)
+.TP
+MONKEYSPHERE_STRICT_MODES
+If set to `false', ignore too-loose permissions on known_hosts,
+authorized_keys, and authorized_user_ids files.  NOTE: setting this to
+false may expose users to abuse by other users on the system. (true)
 
 .SH FILES
 
diff --git a/src/monkeysphere b/src/monkeysphere
index 341b9fd..4750533 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -197,6 +197,7 @@ PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
 KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS}
 HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS}
 AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS}
+STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}
 
 # other variables not in config file
 AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"}
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index b37949e..df7d9bc 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -125,6 +125,7 @@ MONKEYSPHERE_GROUP=$(get_primary_group "$MONKEYSPHERE_USER")
 PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
 AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS}
 RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS}
+STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}
 
 # other variables
 REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
diff --git a/src/share/common b/src/share/common
index 3f71719..cad2572 100644
--- a/src/share/common
+++ b/src/share/common
@@ -424,6 +424,10 @@ check_key_file_permissions() {
     uname="$1"
     path="$2"
 
+    if [ "$STRICT_MODES" = 'false' ] ; then
+	log debug "skipping path permission check for '$path' because STRICT_MODES is false..."
+	return 0
+    fi
     log debug "checking path permission '$path'..."
 
     # rewrite path if it points to a symlink
diff --git a/src/share/defaultenv b/src/share/defaultenv
index b54a518..501478f 100644
--- a/src/share/defaultenv
+++ b/src/share/defaultenv
@@ -18,9 +18,13 @@ LOG_LEVEL="INFO"
 # default keyserver
 KEYSERVER="pool.sks-keyservers.net"
 
-# whether or not to check keyservers by defaul
+# whether or not to check keyservers by default
 CHECK_KEYSERVER="true"
 
+# whether or not to care about extra write bits on sensitive files
+# like known_hosts, authorized_keys, and authorized_user_ids
+STRICT_MODES="true"
+
 # default monkeysphere user
 MONKEYSPHERE_USER="monkeysphere"