From 6ef7064d32718cc3b93f1c240e5e88c48fa4cf66 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Sun, 26 Jul 2009 21:33:26 -0400
Subject: added MONKEYSPHERE_STRICT_MODES environment option to disable
 permissions checking.

---
 src/share/common     | 4 ++++
 src/share/defaultenv | 6 +++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

(limited to 'src/share')

diff --git a/src/share/common b/src/share/common
index 3f71719..cad2572 100644
--- a/src/share/common
+++ b/src/share/common
@@ -424,6 +424,10 @@ check_key_file_permissions() {
     uname="$1"
     path="$2"
 
+    if [ "$STRICT_MODES" = 'false' ] ; then
+	log debug "skipping path permission check for '$path' because STRICT_MODES is false..."
+	return 0
+    fi
     log debug "checking path permission '$path'..."
 
     # rewrite path if it points to a symlink
diff --git a/src/share/defaultenv b/src/share/defaultenv
index b54a518..501478f 100644
--- a/src/share/defaultenv
+++ b/src/share/defaultenv
@@ -18,9 +18,13 @@ LOG_LEVEL="INFO"
 # default keyserver
 KEYSERVER="pool.sks-keyservers.net"
 
-# whether or not to check keyservers by defaul
+# whether or not to check keyservers by default
 CHECK_KEYSERVER="true"
 
+# whether or not to care about extra write bits on sensitive files
+# like known_hosts, authorized_keys, and authorized_user_ids
+STRICT_MODES="true"
+
 # default monkeysphere user
 MONKEYSPHERE_USER="monkeysphere"
 
-- 
cgit v1.2.3