ssh: add trust checks before sourcing env vars

2025-02-02 23:12:17 +08:00 · 2017-07-22 12:15:51 -04:00 · 2017-07-22 12:15:51 -04:00 · 84ad1f36df
commit 84ad1f36df
parent 3f8dace325
1 changed files with 13 additions and 0 deletions
--- a/modules/ssh/init.zsh
+++ b/modules/ssh/init.zsh
@ -16,6 +16,19 @@ _ssh_dir="$HOME/.ssh"
 # Set the path to the environment file if not set by another module.
 _ssh_agent_env="${_ssh_agent_env:-${TMPDIR:-/tmp}/ssh-agent.env.$UID}"

+# Due to the predictability of the env file, check the env file exists and is
+# owned by current EUID before trusting it.
+if [[ -f "$_ssh_agent_env" && ! -O "$_ssh_agent_env" ]]; then
+  cat 1>&2 <<-EOF
+	ERROR: Cannot trust the SSH agent environment variables persistence
+	file because it is owned by another user.
+	The ssh-agent will not be started.
+	$_ssh_agent_env
+	EOF
+  unset _ssh_{dir,agent_env}
+  return 1
+fi
+
 # If a socket exists at SSH_AUTH_SOCK, assume ssh-agent is already running and
 # skip starting it.
 if [[ ! -S "$SSH_AUTH_SOCK" ]]; then