isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only log the run environment for commands that are allowed.

Browse Source 
It may not be available otherwise and unless the command is being
run it has no real meaning.
This commit is contained in:
Todd C. Miller
2023-10-21 19:15:44 -06:00
parent 077826292c
commit 2b87749f8f
2 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/sudoers/audit.c
View File

@@ -418,8 +418,7 @@ sudoers_audit_reject(const char *plugin_name, unsigned int plugin_type,
ret = false;
}
audit_to_eventlog(ctx, &evlog, command_info, ctx->runas.argv, env_get(),
NULL);
audit_to_eventlog(ctx, &evlog, command_info, ctx->runas.argv, NULL, NULL);
if (!eventlog_reject(&evlog, 0, message, NULL, NULL))
ret = false;
@@ -453,8 +452,7 @@ sudoers_audit_error(const char *plugin_name, unsigned int plugin_type,
debug_return_bool(false);
}
audit_to_eventlog(ctx, &evlog, command_info, ctx->runas.argv, env_get(),
NULL);
audit_to_eventlog(ctx, &evlog, command_info, ctx->runas.argv, NULL, NULL);
if (!eventlog_alert(&evlog, 0, &now, message, NULL))
ret = false;