diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-07-26 21:33:26 -0400 |
|---|---|---|
| committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-07-26 21:33:26 -0400 |
| commit | 6ef7064d32718cc3b93f1c240e5e88c48fa4cf66 (patch) | |
| tree | 164ef53dcade8a80f1821ea841e71275bbb92683 /src | |
| parent | b35bedeb0f5788345be2f9c1ac7753a3d002cb97 (diff) | |
added MONKEYSPHERE_STRICT_MODES environment option to disable permissions checking.
Diffstat (limited to 'src')
| -rwxr-xr-x | src/monkeysphere | 1 | ||||
| -rwxr-xr-x | src/monkeysphere-authentication | 1 | ||||
| -rw-r--r-- | src/share/common | 4 | ||||
| -rw-r--r-- | src/share/defaultenv | 6 |
4 files changed, 11 insertions, 1 deletions
diff --git a/src/monkeysphere b/src/monkeysphere index 341b9fd..4750533 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -197,6 +197,7 @@ PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS} HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS} AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS} +STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES} # other variables not in config file AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"} diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index b37949e..df7d9bc 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -125,6 +125,7 @@ MONKEYSPHERE_GROUP=$(get_primary_group "$MONKEYSPHERE_USER") PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS} RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS} +STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES} # other variables REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} diff --git a/src/share/common b/src/share/common index 3f71719..cad2572 100644 --- a/src/share/common +++ b/src/share/common @@ -424,6 +424,10 @@ check_key_file_permissions() { uname="$1" path="$2" + if [ "$STRICT_MODES" = 'false' ] ; then + log debug "skipping path permission check for '$path' because STRICT_MODES is false..." + return 0 + fi log debug "checking path permission '$path'..." # rewrite path if it points to a symlink diff --git a/src/share/defaultenv b/src/share/defaultenv index b54a518..501478f 100644 --- a/src/share/defaultenv +++ b/src/share/defaultenv @@ -18,9 +18,13 @@ LOG_LEVEL="INFO" # default keyserver KEYSERVER="pool.sks-keyservers.net" -# whether or not to check keyservers by defaul +# whether or not to check keyservers by default CHECK_KEYSERVER="true" +# whether or not to care about extra write bits on sensitive files +# like known_hosts, authorized_keys, and authorized_user_ids +STRICT_MODES="true" + # default monkeysphere user MONKEYSPHERE_USER="monkeysphere" |