Requiring ~/.s3cfg to be non-readable by non-owner #1405

Open
ccotter opened this issue Nov 19, 2024 · 2 comments
ccotter commented Nov 19, 2024

Bug

s3cmd seems to permit the ~/.s3cfg file to have any permissions for reading by other users. Since the config file may contain the secret_key, it's important for this file to be readable only by the owner of the file to prevent unauthorized users from reading it.

Suggested solution

sshd supports a StrictModes flag (default enabled) which refuses to work with a given ssh private key if the key file has wide open permissions.

Can s3cmd similarly default to refuse to load the ~/.s3cfg file if its permissions are too wide open?

@snosratiershad
Contributor

@ccotter, I think we should warn users about it, not require them to change permissions. Something like helm:

WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config

I'll try to send a PR.

@fviard
Contributor

fviard commented Jan 27, 2025

Sorry, I took a long time to come back on this subject, but I'm not sure that I would agree to this change.

I think that the same subject was raised with AWS cli, and that my opinion is the same as for them.
I don't really want to create new scare or confusion for users, that might even have a valid case if they purposely do that.

What is important is that we create the configuration file with the right permission when you do the configure.
But otherwise, the world is not the same as it used to be for that to be a big risk.
Most personal computers will be single user, and for servers, the biggest chances are that s3cmd will be run inside a VM, a container, or a dedicated server nowadays.
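
The policies discussed in this thread (a StrictModes-style refusal, a helm-style warning, and creating the file with owner-only permissions), shown side by side as an added example that is not s3cmd's code and not written by any participant. The function names, the warning wording and the sample config are assumptions, and the code assumes a POSIX system.

```python
import os
import stat
import tempfile


class InsecureConfigError(Exception):
    """Raised in strict mode when the config file is accessible to others."""


def write_config(path, text):
    """Create the config file owner-only (0600) from the start, not chmod-after."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fh.fileno(), 0o600)  # also tightens a pre-existing file
        fh.write(text)


def check_config(path, strict=False):
    """Return warning strings for group/world access; raise instead if strict."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    findings = []
    if mode & stat.S_IRWXG:
        findings.append("group-accessible")
    if mode & stat.S_IRWXO:
        findings.append("world-accessible")
    warnings = [
        "WARNING: configuration file is %s (mode %04o). Location: %s" % (f, mode, path)
        for f in findings
    ]
    if strict and warnings:
        raise InsecureConfigError("; ".join(warnings))
    return warnings


def demo():
    """Run both policies against a constructed config in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        cfg = os.path.join(tmp, "s3cfg")
        # Constructed sample content; the key is a placeholder, not a real secret.
        write_config(cfg, "[default]\nsecret_key = CONSTRUCTED-PLACEHOLDER\n")
        clean = check_config(cfg, strict=True)  # 0600 passes strict mode
        os.chmod(cfg, 0o644)                    # simulate a loosened file
        warned = check_config(cfg)              # warn-only policy
        try:
            check_config(cfg, strict=True)
            refused = False
        except InsecureConfigError:
            refused = True
        return clean, len(warned), refused
```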
