derrickchoi / s3fs

Automatically exported from code.google.com/p/s3fs
GNU General Public License v2.0

Add support for local passwd-s3fs file #119

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
In addition to the /etc/passwd-s3fs file, allow for a file in the user's home 
directory to be examined for credentials if it is present.

$HOME/.passwd-s3fs

With this and the other options/features, credentials need not be specified on the 
command line (presenting a security hole).

// Here is the order precedence for getting the
// keys:
//
// 1 - from the command line  (security risk)
// 2 - from a password file specified on the command line
// 3 - from environment variables
// 4 - from the user's ~/.passwd-s3fs (if present)
// 5 - from /etc/passwd-s3fs (if present & readable)

If credentials cannot be determined, fail gracefully.

Original issue reported on code.google.com by dmoore4...@gmail.com on 7 Nov 2010 at 12:42

GoogleCodeExporter commented 8 years ago

Original comment by dmoore4...@gmail.com on 7 Nov 2010 at 12:42

GoogleCodeExporter commented 8 years ago
A security tip I recommend: when loading a passwd-s3fs file, fail to start if 
the permissions are too permissive. For local ones it should be 600. I'm not 
sure what it should be for a global one, but certainly no weaker than 644.

SSH does this and it saves a lot of people from themselves.

Original comment by apetresc on 7 Nov 2010 at 1:12
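
The permission check suggested in the comment above, sketched in C as an added example; it is not code from this thread or from the s3fs source. The names `open_cred_file` and `probe`, the return codes, and the reading of "no weaker than 644" as a mode ceiling of 0644 for the global file are assumptions, and the sample file contents are constructed.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
enum { CRED_OK = 0, CRED_MISSING = -1, CRED_NOT_FILE = -2, CRED_TOO_OPEN = -3 };

/* Hypothetical helper (not an s3fs function): open a credentials file, vet its mode. */
int open_cred_file(const char *path, int is_global, int *fd_out)
{
    struct stat st;
    mode_t allowed = is_global ? 0644 : 0600;   /* assumed ceilings, see lead-in */
    int fd = open(path, O_RDONLY | O_NONBLOCK); /* never block on a FIFO */
    if (fd < 0) return CRED_MISSING;
    /* fstat the descriptor, not the path: the file vetted is the file read. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return CRED_NOT_FILE;
    }
    /* Any permission bit outside the ceiling means: refuse to start. */
    if (st.st_mode & 07777 & ~allowed) {
        close(fd);
        return CRED_TOO_OPEN;
    }
    *fd_out = fd;   /* caller reads the keys from this descriptor */
    return CRED_OK;
}

/* Demo only: create a constructed sample file with the given mode, vet it, clean up. */
int probe(mode_t mode, int is_global)
{
    char path[] = "/tmp/passwd-s3fs-demoXXXXXX";
    static const char sample[] = "EXAMPLEKEYID:examplesecret\n"; /* constructed */
    int rfd = -1, rc, fd = mkstemp(path);
    if (fd < 0) return CRED_MISSING;
    if (write(fd, sample, sizeof sample - 1) < 0 || fchmod(fd, mode) != 0)
        perror("sample setup");
    close(fd);
    rc = open_cred_file(path, is_global, &rfd);
    if (rc == CRED_OK) close(rfd);
    unlink(path);
    return rc;
}

int main(void)
{
    printf("local 0600=%d local 0644=%d global 0644=%d global 0666=%d\n",
           probe(0600, 0), probe(0644, 0), probe(0644, 1), probe(0666, 1));
    return 0;
}
```
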

GoogleCodeExporter commented 8 years ago
I'll keep this issue open until this is implemented. I thought of that too.

r227 satisfies original issue

Original comment by dmoore4...@gmail.com on 7 Nov 2010 at 1:41

GoogleCodeExporter commented 8 years ago
Issue completed, opened new issue concerning the checking of permissions on the 
passwd file.

Original comment by dmoore4...@gmail.com on 10 Nov 2010 at 6:22