[Bug 1060] ~/.ssh/config check too strict on systems with per-user groups

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jul 4 01:33:16 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=1060

           Summary: ~/.ssh/config check too strict on systems with per-user
                    groups
           Product: Portable OpenSSH
           Version: 4.1p1
          Platform: Other
               URL: http://bugs.debian.org/314347
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: cjwatson at debian.org


On systems (such as Debian) that default to per-user groups and 'umask 002', the
new ~/.ssh/config permissions check is too strict. It should permit
group-writability provided that the group in question contains at most the
file's owner, so that one can have a mode 0664 ~/.ssh/config owned by user
cjwatson and group cjwatson.

I'll attach a patch for this in a moment. It would also be useful for this to be
permitted under StrictGroups, although I haven't implemented that. Thanks.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list