Support "*" for CWD/CHROOT to allow user to specify cwd or chroot.

Adds two new command line options, -D (--chdir) and -R (--chroot) that can only be used when sudoers sets runcwd or runchroot to "*".
2020-09-01 14:10:02 -06:00
parent bd254e1042
commit 1676f0ceeb
17 changed files with 397 additions and 128 deletions
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -90,6 +90,8 @@ struct sudo_user {
    char *shost;
    char *runhost;
    char *srunhost;
+    char *runchroot;
+    char *runcwd;
    char *prompt;
    char *cmnd;
    char *cmnd_args;
@@ -236,6 +238,8 @@ struct sudo_user {
 #define	runas_privs		(sudo_user.privs)
 #define	runas_limitprivs	(sudo_user.limitprivs)
 #define user_timeout		(sudo_user.timeout)
+#define user_runchroot		(sudo_user.runchroot)
+#define user_runcwd		(sudo_user.runcwd)

 /* Default sudoers uid/gid/mode if not set by the Makefile. */
 #ifndef SUDOERS_UID