From c0ca9dd0c37d3d678bad21748a85b0ede1e91465 Mon Sep 17 00:00:00 2001
From: "mooredan@suncup.net"
Date: Thu, 11 Nov 2010 05:14:16 +0000
Subject: [PATCH] Fixed issue #123 - Check permissions on password file used If any password file is used, regardless if it is specified on the command line, ~/.passwd-s3fs or /etc/passwd-s3fs it is checked for appropriate permissions. No password file is allowed to have any others permissions Only the /etc/passwd-s3fs file is allowed to have any group permissions, all others are not allowed to have any group permissions.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@233 df820570-a93a-0410-bd06-b72b767a4274
---
s3fs/src/s3fs.cpp | 54 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
diff --git a/s3fs/src/s3fs.cpp b/s3fs/src/s3fs.cpp
index a6f5e73..fa18c85 100644
--- a/s3fs/src/s3fs.cpp
+++ b/s3fs/src/s3fs.cpp
@@ -1581,6 +1581,55 @@ static int s3fs_utimens(const char *path, const struct timespec ts[2]) {
 return put_headers(path, meta);
 }
 
+//////////////////////////////////////////////////////////////////
+// check_passwd_file_perms
+//
+// expect that global passwd_file variable contains
+// a non-empty value and is readable by the current user
+//
+// Check for too permissive access to the file
+// help save users from themselves via a security hole
+//
+// only two options: return or error out
+//////////////////////////////////////////////////////////////////
+static void check_passwd_file_perms (void) {
+
+ struct stat info;
+
+ // let's get the file info
+ if (stat(passwd_file.c_str(), &info) != 0) {
+ fprintf (stderr, "%s: unexpected error from stat(%s, ) \n",
+ program_name.c_str(), passwd_file.c_str());
+ exit(1);
+ }
+
+ // return error if any file has others permissions
+ if ((info.st_mode & S_IROTH) ||
+ (info.st_mode & S_IWOTH) ||
+ (info.st_mode & S_IXOTH)) {
+ fprintf (stderr, "%s: credentials file %s should not have others permissions\n",
+ program_name.c_str(), passwd_file.c_str());
+ exit(1);
+ }
+
+ // Any local file should not have any group permissions
+ if (passwd_file != "/etc/passwd-s3fs") {
+ if ((info.st_mode & S_IRGRP) ||
+ (info.st_mode & S_IWGRP) ||
+ (info.st_mode & S_IXGRP)) {
+ fprintf (stderr, "%s: credentials file %s should not have group permissions\n",
+ program_name.c_str(), passwd_file.c_str());
+ exit(1);
+ }
+ }
+
+ // check for owner execute permissions?
+
+ // /etc/passwd-s3fs can have group permissions
+
+ return;
+}
+
 //////////////////////////////////////////////////////////////////
 // read_passwd_file
 //
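Review bot: check_passwd_file_perms() tests only the group and others mode bits and never looks at who owns the file or what kind of file it is, so a credentials file that belongs to a different account still passes whenever the process is allowed to read it (for example when s3fs is started as root). I would reject anything that is not a regular file and, in the `passwd_file != "/etc/passwd-s3fs"` branch, require the owner to be the effective user before the group-bit test, as sketched below. Separately, the stat() failure message would be easier to act on with `strerror(errno)` in it, and each three-way test can be written as a single mask, `info.st_mode & S_IRWXO` and `info.st_mode & S_IRWXG`.

```cpp
  // ... unchanged: stat() call and the others-permission check ...

  // mode bits alone do not say what kind of object this is
  if (!S_ISREG(info.st_mode)) {
    fprintf (stderr, "%s: credentials file %s is not a regular file\n",
      program_name.c_str(), passwd_file.c_str());
    exit(1);
  }

  // Any local file should not have any group permissions
  if (passwd_file != "/etc/passwd-s3fs") {
    // a 0600 file owned by someone else can still be rewritten by that owner
    if (info.st_uid != geteuid()) {
      fprintf (stderr, "%s: credentials file %s should be owned by the current user\n",
        program_name.c_str(), passwd_file.c_str());
      exit(1);
    }
    // ... unchanged: group-permission check ...
  }
```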
@@ -1604,6 +1653,11 @@ static void read_passwd_file (void) {
 size_t last_pos = string::npos;
 bool default_found = 0;
 
+ // if you got here, the password file
+ // exists and is readable by the
+ // current user, check for permissions
+ check_passwd_file_perms();
+
 ifstream PF(passwd_file.c_str());
 if (PF.good()) {
 while (getline(PF, line)) {
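Review bot: The permission check and the read are two separate lookups of the same path: check_passwd_file_perms() calls stat() on passwd_file, and the `ifstream PF(passwd_file.c_str())` two lines below opens it again by name, so the file that was checked is not guaranteed to be the file that is parsed. Opening the file once and checking the open descriptor with `fstat(fd, &info)` would close that window. That requires reading through the descriptor instead of a by-name ifstream, which is a larger change than this hunk. read_passwd_file's body continues past the end of the hunk, so the rest of the read path is not visible here.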