Add ignore_perms plugin argument to skip the sudoers file security checks.

This is not intended to be used in a production environment.
2023-08-29 09:55:09 -06:00
parent 1eb4392e14
commit 3c05e748a4
5 changed files with 46 additions and 4 deletions
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -134,6 +134,15 @@ sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v,
 		}
 		continue;
 	    }
+	    if (MATCHES(*cur, "ignore_perms=")) {
+		int val = sudo_strtobool(*cur + sizeof("ignore_perms=") - 1);
+		if (val == -1) {
+		    INVALID("ignore_perms=");	/* Not a fatal error. */
+		} else {
+		    ctx->parser_conf.ignore_perms = val;
+		}
+		continue;
+	    }
 	    if (MATCHES(*cur, "sudoers_file=")) {
 		CHECK(*cur, "sudoers_file=");
 		path_sudoers = *cur + sizeof("sudoers_file=") - 1;