If sudo is not set-user-ID root, check for the no_new_privs flag on Linux.
This flag disables set-user-ID at execve(2) time and may be set by default for some containers. GitHub issue #129.
14
src/sudo.c
14
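--- a/src/sudo.c
+++ b/src/sudo.c
@@ -32,6 +32,9 @@
 #include <sys/wait.h>
 #include <sys/resource.h>
 #include <sys/socket.h>
+#ifdef __linux__
+# include <sys/prctl.h>
+#endif
 #include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -899,6 +902,17 @@ sudo_check_suid(const char *sudo)
 debug_decl(sudo_check_suid, SUDO_DEBUG_PCOMM);
 
 if (geteuid() != ROOT_UID) {
+#if defined(__linux__) && defined(PR_GET_NO_NEW_PRIVS)
+/* The no_new_privs flag disables set-user-ID at execve(2) time. */
+if (prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1) {
+sudo_warnx(U_("The \"no new privileges\" flag is set, which "
+"prevents sudo from running as root."));
+sudo_warnx(U_("If sudo is running in a container, you may need "
+"to adjust the container configuration to disable the flag."));
+exit(EXIT_FAILURE);
+}
+#endif /* __linux__ && PR_GET_NO_NEW_PRIVS */
+
 /* Search for sudo binary in PATH if not fully qualified. */
 qualified = strchr(sudo, '/') != NULL;
 if (!qualified) {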
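Review bot: The comment above the `prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0)` check in sudo_check_suid() says what the flag does but not why sudo exits instead of recovering. Once set, no_new_privs cannot be cleared and is inherited across fork(2) and preserved across execve(2), so only whatever launched the container or session can change it. I would extend the comment to something like `/* no_new_privs cannot be unset and is inherited by children, so sudo can only report it. */`. The second warning also tells operators to disable the flag, which is usually set on purpose as a privilege-escalation control; wording along the lines of "if sudo is required inside the container" would keep the message from reading as a default recommendation to weaken that hardening. The `== 1` comparison correctly lets a failing prctl() (-1) fall through to the code that follows; the function body starts and ends outside the hunk.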