Update statbuf.st_mode based on SUDOERS_MODE when we are chaning from
0400 to whatever SUDOERS_MODE is (converting from the old sudoers mode). Assumes that SUDOERS_MODE is less restrictive than 0400 which should always be the case.
This commit is contained in:
Todd C. Miller
1
sudo.c
1
sudo.c
@@ -766,6 +766,7 @@ check_sudoers()
|
|||||||
if (chmod(_PATH_SUDOERS, SUDOERS_MODE) == 0) {
|
if (chmod(_PATH_SUDOERS, SUDOERS_MODE) == 0) {
|
||||||
(void) fprintf(stderr, "%s: fixed mode on %s\n",
|
(void) fprintf(stderr, "%s: fixed mode on %s\n",
|
||||||
Argv[0], _PATH_SUDOERS);
|
Argv[0], _PATH_SUDOERS);
|
||||||
|
statbuf.st_mode |= SUDOERS_MODE;
|
||||||
if (statbuf.st_gid != SUDOERS_GID) {
|
if (statbuf.st_gid != SUDOERS_GID) {
|
||||||
if (!chown(_PATH_SUDOERS,(uid_t) -1,SUDOERS_GID)) {
|
if (!chown(_PATH_SUDOERS,(uid_t) -1,SUDOERS_GID)) {
|
||||||
(void) fprintf(stderr, "%s: set group on %s\n",
|
(void) fprintf(stderr, "%s: set group on %s\n",
|
||||||
|
|||||||
Reference in New Issue
Block a user