Fix security problems with dtach sockets.

[notmuch-wiki] / remoteusage.mdwn

diff --git a/remoteusage.mdwn b/remoteusage.mdwn
index 2e320ce6dec64b9000354e67eb0dd9ad9fb9930c..19de21275188e120f1867f15e1ca855b3c9e08db 100644 (file)
--- a/remoteusage.mdwn
+++ b/remoteusage.mdwn
@@ -18,15 +18,19 @@ couple of common unix utilities (ssh and dtach).
 You will need to have the following items in place:
 
 1.  a working notmuch on one computer (let's call that computer
 You will need to have the following items in place:
 
 1.  a working notmuch on one computer (let's call that computer

-"server"). 
+"server").
+

 2.  a working notmuch emacs interface on another computer (let's call
 that computer "client")
 2.  a working notmuch emacs interface on another computer (let's call
 that computer "client")

-3.   `ssh` and `dtach` on your client computer. (TODO: Make dtach
+
+3.  `ssh` and `dtach` on your client computer. (TODO: Make dtach

 optional, or allow screen or tmux to be used instead.)
 optional, or allow screen or tmux to be used instead.)

-4.   password-free login (public key authentication) from client to
+
+4.  password-free login (public key authentication) from client to

 server. [Here](http://www.debian-administration.org/articles/152) is a
 good page on how to set it up.
 server. [Here](http://www.debian-administration.org/articles/152) is a
 good page on how to set it up.

-5.   a reasonably fast connection. (This isn't really *neccessary*, but
+
+5.  a reasonably fast connection. (This isn't really *neccessary*, but

 if your connection is too slow, this won't be very pleasant to use,
 and certainly won't seem transparent.)
 
 if your connection is too slow, this won't be very pleasant to use,
 and certainly won't seem transparent.)
 


@@ -37,47 +41,72 @@ Now we will need to write a simple shell script that does two things:
 
 1.  replaces the call to the notmuch binary with a call to notmuch
 over ssh.
 
 1.  replaces the call to the notmuch binary with a call to notmuch
 over ssh.

+

 2.  sets up a running, detached, ssh connection to the server, so that
 future calls can reuse the socket.
 
 2.  sets up a running, detached, ssh connection to the server, so that
 future calls can reuse the socket.
 

-    #!/usr/bin/env bash
-    
-    SSH_BIN="ssh"
-    USER="example_user"
-    SSH_HOST="example.com"
-    SSH_SOCKET="/tmp/notmuch_ssh.socket"
-    NOTMUCH_REMOTE_BIN="notmuch"
-    DTACH="dtach"
-    DTACH_SOCKET="/tmp/notmuch_dtach.socket"
-    
-    check_for_socket ()
-    {
-        [ -S "${SSH_SOCKET}" ]
-    }
-    
-    check_if_socket_alive ()
-    {
-        timeout 1 $SSH_BIN -S ${SSH_SOCKET} $USER@$SSH_HOST true > /dev/null
-    }
-    
-    start_socket ()
-    {
-        dtach_command="${DTACH} -n ${DTACH_SOCKET} ${SSH_BIN} -M -S ${SSH_SOCKET} ${USER}@${SSH_HOST}"
-        command -v ${DTACH} &>/dev/null && ${dtach_command} || 
-        echo "${DTACH} not installed"
-    }
-    
-    notmuch_run ()
-    {
-        check_for_socket || start_socket
-        CMD=$1
-        shift
-        printf -v ARGS "%q " "$@"
-        $SSH_BIN -S $SSH_SOCKET $USER@$SSH_HOST $NOTMUCH_REMOTE_BIN ${CMD} ${ARGS}
-    }
-    
-    notmuch_run $@
+        #!/usr/bin/env bash

 
 

+        SSH_BIN="ssh"
+        USER="example_user"
+        SSH_HOST="example.com"
+        SOCKET_DIR="/tmp/notmuch_socks"
+        SSH_SOCKET="${SOCKET_DIR}/ssh.socket"
+        NOTMUCH_REMOTE_BIN="notmuch"
+        DTACH="/usr/bin/dtach"
+        DTACH_SOCKET="${SOCKET_DIR}/dtach.socket"
+        
+        check_for_socket_dir ()
+        {
+            [ -d "${SOCKET_DIR}" ]
+        }
+        
+        check_socket_dir_owner_and_perm ()
+        {
+            [ "$(stat -c %U ${SOCKET_DIR})" = "$(whoami)" ] &&
+            [ "$(stat -c %a ${SOCKET_DIR})" = "700" ]
+        }
+        
+        create_socket_dir ()
+        {
+            
+            mkdir "${SOCKET_DIR}" $(id -u)
+            chmod 700 "${SOCKET_DIR}" 
+        }
+        
+        check_create_socket_dir ()
+        {
+            if ! check_for_socket_dir; then 
+                create_socket_dir || 
+                (echo "Couldn't create socket directory at ${SOCKET_DIR}" >&2 && exit 1)
+            elif ! check_socket_dir_owner_and_perm; then
+                (echo "Incorrect permissions at ${SOCKET_DIR}" >&2 && exit 1)
+            fi
+        }
+        
+        check_for_socket ()
+        {
+            [ -S "${SSH_SOCKET}" ]
+        }
+        
+        start_socket ()
+        {
+            dtach_command="${DTACH} -n ${DTACH_SOCKET} ${SSH_BIN} -M -S ${SSH_SOCKET} ${USER}@${SSH_HOST}"
+            command -v ${DTACH} &>/dev/null && ${dtach_command} || 
+            echo "${DTACH} not installed"
+        }
+        
+        notmuch_run ()
+        {
+            check_for_socket || (check_create_socket_dir && start_socket)
+            CMD=$1
+            shift
+            printf -v ARGS "%q " "$@"
+            $SSH_BIN -S $SSH_SOCKET $USER@$SSH_HOST $NOTMUCH_REMOTE_BIN ${CMD} ${ARGS}
+        }
+        
+        notmuch_run $@
+    

        
 Save this to a file, "remote-notmuch.sh", in your path.
 
        
 Save this to a file, "remote-notmuch.sh", in your path.