Browse Source

Make sure, .ssh directory and authorized_keys file are kept at correct permissions

pull/352/head
Sebastian Jackel 11 years ago
parent
commit
be7ce72ebe
  1. 11
      models/publickey.go

11
models/publickey.go

@ -69,7 +69,7 @@ func init() {
// Determine and create .ssh path. // Determine and create .ssh path.
SshPath = filepath.Join(homeDir(), ".ssh") SshPath = filepath.Join(homeDir(), ".ssh")
if err = os.MkdirAll(SshPath, os.ModePerm); err != nil { if err = os.MkdirAll(SshPath, 0700); err != nil {
log.Fatal(4, "fail to create SshPath(%s): %v\n", SshPath, err) log.Fatal(4, "fail to create SshPath(%s): %v\n", SshPath, err)
} }
} }
@ -155,6 +155,15 @@ func saveAuthorizedKeyFile(key *PublicKey) error {
if err != nil { if err != nil {
return err return err
} }
finfo, err := f.Stat()
if err != nil {
return err
}
if finfo.Mode().Perm() > 0600 {
log.Error("authorized_keys file has unusual permission flags: " + finfo.Mode().Perm() + " - setting to -rw-r--r--")
f.Chmod(0600)
}
defer f.Close() defer f.Close()
_, err = f.WriteString(key.GetAuthorizedString()) _, err = f.WriteString(key.GetAuthorizedString())

Loading…
Cancel
Save