administrators authorized keys file can have read permissions for other users. (#481)

2025-07-31 01:35:11 +02:00 · 2021-03-09 10:02:51 -08:00 · 2021-03-09 10:02:51 -08:00 · 1a1a2ac5f1
commit 1a1a2ac5f1
parent bc7adf5a84
2 changed files with 40 additions and 22 deletions
--- a/auth.c
+++ b/auth.c
@ -527,7 +527,10 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 			strerror(errno));
 		return NULL;
 	}
-	if (strict_modes && check_secure_file_permission(file, pw, 0) != 0) {
+
+	// read permissions for non-admin/non-system accounts are allowed.
+	// Unix does safe_path_fd() which allows 022 file permissions i.e., allowing read for other users.
+	if (strict_modes && check_secure_file_permission(file, pw, 1) != 0) {
 		fclose(f);
 		logit("Authentication refused.");
 		auth_debug_add("Ignored %s", file_type);
--- a/regress/pesterTests/Authorized_keys_fileperm.Tests.ps1
+++ b/regress/pesterTests/Authorized_keys_fileperm.Tests.ps1
@ -141,6 +141,21 @@ Describe "Tests for authorized_keys file permission" -Tags "CI" {
            $o | Should Be "1234"          
        }

+        It "$tC.$tI-authorized_keys-positive(other account can read authorized_keys file)"  -skip:$skip {
+            #setup to have current user as owner and grant it full control
+            Repair-FilePermission -Filepath $authorizedkeyPath -Owner $objUserSid -FullAccessNeeded $adminsSid,$systemSid,$objUserSid -confirm:$false
+
+            #add $PwdUser to access the file authorized_keys
+            $objPwdUserSid = Get-UserSid -User $PwdUser
+            Set-FilePermission -FilePath $authorizedkeyPath -User $objPwdUserSid -Perm "Read"
+
+            #Run
+            Start-SSHDTestDaemon -workDir $opensshbinpath -Arguments "-d -f $sshdconfig -o `"AuthorizedKeysFile .testssh/authorized_keys`" -E $sshdlog" -Port $port
+            $o = ssh -p $port -E $sshlog $ssouser@$server echo 1234
+            Stop-SSHDTestDaemon -Port $port
+            $o | Should Be "1234"
+        }
+
        It "$tC.$tI-authorized_keys-negative(authorized_keys is owned by other admin user)"  -skip:$skip {
            #setup to have current user (admin user) as owner and grant it full control
            Repair-FilePermission -Filepath $authorizedkeyPath -Owner $currentUserSid -FullAccessNeeded $adminsSid,$systemSid -confirm:$false
@ -154,13 +169,13 @@ Describe "Tests for authorized_keys file permission" -Tags "CI" {
            $sshdlog | Should Contain "Authentication refused."            
        }

-        It "$tC.$tI-authorized_keys-negative(other account can access private key file)"  -skip:$skip {
+        It "$tC.$tI-authorized_keys-negative(other account has modify permissions to authorized_keys file)"  -skip:$skip {
            #setup to have current user as owner and grant it full control            
            Repair-FilePermission -Filepath $authorizedkeyPath -Owner $objUserSid -FullAccessNeeded $adminsSid,$systemSid,$objUserSid -confirm:$false

            #add $PwdUser to access the file authorized_keys
            $objPwdUserSid = Get-UserSid -User $PwdUser
-            Set-FilePermission -FilePath $authorizedkeyPath -User $objPwdUserSid -Perm "Read"
+            Set-FilePermission -FilePath $authorizedkeyPath -User $objPwdUserSid -Perm "Modify"

            #Run
            Start-SSHDTestDaemon -workDir $opensshbinpath -Arguments "-d -f $sshdconfig -o `"AuthorizedKeysFile .testssh/authorized_keys`" -E $sshdlog" -Port $port