From d61e316833eb7d05b0b5c937bfce8ee0f19dc7cb Mon Sep 17 00:00:00 2001
From: Colin Watson
Date: Sat, 22 May 2010 22:43:47 +0100
Subject: Allow ~/.ssh/authorized_keys and other secure files to be group-writable, provided that the group in question contains only the file's owner; this extends a patch previously applied to ~/.ssh/config (closes: #581919).
---
 misc.c | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)
(limited to 'misc.c')
diff --git a/misc.c b/misc.c
index e1f723123..4ca318423 100644
--- a/misc.c
+++ b/misc.c
@@ -45,8 +45,9 @@
 #include
 #ifdef HAVE_PATHS_H
 # include
-#include
 #endif
+#include
+#include
 #ifdef SSH_TUN_OPENBSD
 #include
 #endif
@@ -637,6 +638,30 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
 return -1;
 }
 
+int
+secure_permissions(struct stat *st, uid_t uid)
+{
+ if (st->st_uid != 0 && st->st_uid != uid)
+ return 0;
+ if ((st->st_mode & 020) != 0) {
+ /* If the file is group-writable, the group in question must
+ * have at most one member, namely the file's owner.
+ */
+ struct passwd *pw = getpwuid(st->st_uid);
+ struct group *gr = getgrgid(st->st_gid);
+ if (!pw || !gr)
+ return 0;
+ else if (gr->gr_mem[0]) {
+ if (strcmp(pw->pw_name, gr->gr_mem[0]) ||
+ gr->gr_mem[1])
+ return 0;
+ }
+ }
+ if ((st->st_mode & 002) != 0)
+ return 0;
+ return 1;
+}
+
 int
 tun_open(int tun, int mode)
 {
-- 
cgit v1.2.3
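Review bot: The group-writable branch of secure_permissions() decides "the group contains only the owner" from `gr->gr_mem` alone, but that list holds only supplementary members; accounts whose primary group in the passwd database is `st->st_gid` never appear in it. A group that several users share as their primary group therefore passes with an empty `gr_mem`. The `else if (gr->gr_mem[0])` arm also accepts any group with no listed members without checking that it is the owner's own group. Before trusting group write, the passwd database should also be scanned for other accounts with that primary gid, as sketched below. Enumeration may be incomplete on directory-backed systems, so it is worth documenting that the check is best-effort there.

```c
	if ((st->st_mode & 020) != 0) {
		/* … unchanged: comment on the single-member rule … */
		struct passwd *pw;
		struct group *gr = getgrgid(st->st_gid);
		int other_primary = 0;

		if (!gr)
			return 0;
		/* Primary-group members are not listed in gr_mem. */
		setpwent();
		while ((pw = getpwent()) != NULL) {
			if (pw->pw_gid == st->st_gid &&
			    pw->pw_uid != st->st_uid) {
				other_primary = 1;
				break;
			}
		}
		endpwent();
		if (other_primary)
			return 0;
		/* Look the owner up after the scan: getpwent() may reuse
		 * the static buffer that getpwuid() returns. */
		pw = getpwuid(st->st_uid);
		if (!pw)
			return 0;
		/* … unchanged: gr_mem[0] / gr_mem[1] comparison … */
	}
```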