Avoid using vfork(2) in the DSO system(3) wrapper.

Traditional vfork(2) semantics make it unsafe for use for more than
just vfork(2) + execve(2).

config.h.in

@@ -1021,9 +1021,6 @@
 /* Define to 1 if you have the `va_copy' function. */
 #undef HAVE_VA_COPY
 
-/* Define to 1 if you have the `vfork' function. */
-#undef HAVE_VFORK
-
 /* Define to 1 if you have the `vsnprintf' function. */
 #undef HAVE_VSNPRINTF
 

configure

@@ -3261,7 +3261,6 @@ as_fn_append ac_func_c_list " faccessat HAVE_FACCESSAT"
 as_fn_append ac_func_c_list " wordexp HAVE_WORDEXP"
 as_fn_append ac_func_c_list " getauxval HAVE_GETAUXVAL"
 as_fn_append ac_func_c_list " strtoull HAVE_STRTOULL"
-as_fn_append ac_func_c_list " vfork HAVE_VFORK"
 as_fn_append ac_func_c_list " seteuid HAVE_SETEUID"
 
 # Auxiliary files required by this configure script.
@@ -21260,7 +21259,6 @@ done
 
 
 
-
   for ac_func in execvpe
 do :
   ac_fn_c_check_func "$LINENO" "execvpe" "ac_cv_func_execvpe"

configure.ac

@@ -2605,7 +2605,7 @@ dnl Function checks
 dnl
 AC_FUNC_GETGROUPS
 AC_FUNC_FSEEKO
-AC_CHECK_FUNCS_ONCE([fexecve fmemopen killpg nl_langinfo faccessat wordexp getauxval strtoull vfork])
+AC_CHECK_FUNCS_ONCE([fexecve fmemopen killpg nl_langinfo faccessat wordexp getauxval strtoull])
 AC_CHECK_FUNCS([execvpe], [SUDO_APPEND_INTERCEPT_EXP(execvpe)])
 AC_CHECK_FUNCS([pread], [
     # pread/pwrite on 32-bit HP-UX 11.x may not support large files

src/sudo_intercept.c

@@ -52,10 +52,6 @@
 #include "sudo_util.h"
 #include "pathnames.h"
 
-#ifndef HAVE_VFORK
-# define vfork fork
-#endif
-
 /* execl flavors */
 #define SUDO_EXECL	0x0
 #define SUDO_EXECLE	0x1
@@ -249,7 +245,7 @@ system_wrapper(const char *cmnd)
     if (sigprocmask(SIG_BLOCK, &mask, &omask) == -1)
 	debug_return_int(-1);
 
-    switch (child = vfork()) {
+    switch (child = fork()) {
     case -1:
 	/* error */
 	(void)sigprocmask(SIG_SETMASK, &omask, NULL);