summaryrefslogtreecommitdiffstats
path: root/models
diff options
context:
space:
mode:
author无闻 <joe2010xtmf@163.com>2014-08-07 06:43:58 -0400
committer无闻 <joe2010xtmf@163.com>2014-08-07 06:43:58 -0400
commite527c9b330d411a97a66b4ed58b3a12280d21bf8 (patch)
tree1bb5cd58a6701581d20cb3af9e38a0dc5a7317bf /models
parente8c9bb2c66a1f48820a93b670c2e6e67da94b354 (diff)
parent0bfbefc38a6cfdace6ede1d0c485e400898672d2 (diff)
downloadgitea-e527c9b330d411a97a66b4ed58b3a12280d21bf8.tar.gz
gitea-e527c9b330d411a97a66b4ed58b3a12280d21bf8.zip
Merge pull request #352 from DerDackel/ssh-permissions
Ensure correct permissions on .ssh and authorized_keys file
Diffstat (limited to 'models')
-rw-r--r--models/publickey.go13
1 files changed, 12 insertions, 1 deletions
diff --git a/models/publickey.go b/models/publickey.go
index baf381778e..83a3e1b87e 100644
--- a/models/publickey.go
+++ b/models/publickey.go
@@ -69,7 +69,7 @@ func init() {
// Determine and create .ssh path.
SshPath = filepath.Join(homeDir(), ".ssh")
- if err = os.MkdirAll(SshPath, os.ModePerm); err != nil {
+ if err = os.MkdirAll(SshPath, 0700); err != nil {
log.Fatal(4, "fail to create SshPath(%s): %v\n", SshPath, err)
}
}
@@ -156,6 +156,17 @@ func saveAuthorizedKeyFile(key *PublicKey) error {
return err
}
defer f.Close()
+ finfo, err := f.Stat()
+ if err != nil {
+ return err
+ }
+ if finfo.Mode().Perm() > 0600 {
+ log.Error(3, "authorized_keys file has unusual permission flags: %s - setting to -rw-------", finfo.Mode().Perm().String())
+ err = f.Chmod(0600)
+ if err != nil {
+ return err
+ }
+ }
_, err = f.WriteString(key.GetAuthorizedString())
return err