isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Set group on sudo_debug when creating it to gid 0 so systems without

Browse Source 
BSD group semantics don't get the invoking user's group.
This commit is contained in:
Todd C. Miller
2012-11-12 17:12:34 -05:00
parent edf0881823
commit 0178d5ae01
1 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
common/sudo_debug.c
View File

@@ -138,10 +138,17 @@ int sudo_debug_init(const char *debugfile, const char *settings)
if (debugfile != NULL) { if (debugfile != NULL) {
if (sudo_debug_fd != -1) if (sudo_debug_fd != -1)
close(sudo_debug_fd); close(sudo_debug_fd);
sudo_debug_fd = open(debugfile, O_WRONLY|O_APPEND, S_IRUSR|S_IWUSR);
if (sudo_debug_fd == -1) {
/* Create debug file as needed and set group ownership. */
if (errno == ENOENT) {
sudo_debug_fd = open(debugfile, O_WRONLY|O_APPEND|O_CREAT, sudo_debug_fd = open(debugfile, O_WRONLY|O_APPEND|O_CREAT,
S_IRUSR|S_IWUSR); S_IRUSR|S_IWUSR);
}
if (sudo_debug_fd == -1) if (sudo_debug_fd == -1)
return 0; return 0;
fchown(sudo_debug_fd, (uid_t)-1, 0);
}
(void)fcntl(sudo_debug_fd, F_SETFD, FD_CLOEXEC); (void)fcntl(sudo_debug_fd, F_SETFD, FD_CLOEXEC);
sudo_debug_mode = SUDO_DEBUG_MODE_FILE; sudo_debug_mode = SUDO_DEBUG_MODE_FILE;
} else { } else {