Add ignore_perms plugin argument to skip the sudoers file security checks.

This is not intended to be used in a production environment.

docs/sudoers.man.in

@@ -25,7 +25,7 @@
 .nr BA @BAMAN@
 .nr LC @LCMAN@
 .nr PS @PSMAN@
-.TH "SUDOERS" "@mansectform@" "June 20, 2023" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDOERS" "@mansectform@" "August 28, 2023" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -130,6 +130,18 @@ A value of
 will disable error recovery.
 Prior to version 1.9.3, no error recovery was performed.
 .TP 6n
+ignore_perms=bool
+The
+\fIignore_perms\fR
+argument can be used to disable security checks when loading the
+\fIsudoers\fR
+file.
+If enabled, the
+\fIsudoers\fR
+file will be loaded regardless of the owner or file mode.
+This argument is intended to be used for testing purposes and
+should not be enabled on production systems.
+.TP 6n
 ldap_conf=pathname
 The
 \fIldap_conf\fR

docs/sudoers.mdoc.in

@@ -25,7 +25,7 @@
 .nr BA @BAMAN@
 .nr LC @LCMAN@
 .nr PS @PSMAN@
-.Dd June 20, 2023
+.Dd August 28, 2023
 .Dt SUDOERS @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -123,6 +123,17 @@ A value of
 .Em false
 will disable error recovery.
 Prior to version 1.9.3, no error recovery was performed.
+.It ignore_perms=bool
+The
+.Em ignore_perms
+argument can be used to disable security checks when loading the
+.Em sudoers
+file.
+If enabled, the
+.Em sudoers
+file will be loaded regardless of the owner or file mode.
+This argument is intended to be used for testing purposes and
+should not be enabled on production systems.
 .It ldap_conf=pathname
 The
 .Em ldap_conf

plugins/sudoers/policy.c

@@ -134,6 +134,15 @@ sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v,
 		}
 		continue;
 	    }
+	    if (MATCHES(*cur, "ignore_perms=")) {
+		int val = sudo_strtobool(*cur + sizeof("ignore_perms=") - 1);
+		if (val == -1) {
+		    INVALID("ignore_perms=");	/* Not a fatal error. */
+		} else {
+		    ctx->parser_conf.ignore_perms = val;
+		}
+		continue;
+	    }
 	    if (MATCHES(*cur, "sudoers_file=")) {
 		CHECK(*cur, "sudoers_file=");
 		path_sudoers = *cur + sizeof("sudoers_file=") - 1;

plugins/sudoers/sudoers.c

@@ -1282,8 +1282,16 @@ open_sudoers(const char *path, char **outfile, bool doedit, bool *keepopen)
     debug_decl(open_sudoers, SUDOERS_DEBUG_PLUGIN);
 
     fd = sudo_open_conf_path(path, fname, sizeof(fname), open_file);
-    error = sudo_secure_fd(fd, S_IFREG, sudoers_file_uid(), sudoers_file_gid(),
-	&sb);
+    if (sudoers_ctx.parser_conf.ignore_perms) {
+	/* Skip sudoers security checks when ignore_perms is set. */
+	if (fd == -1 || fstat(fd, &sb) == -1)
+	    error = SUDO_PATH_MISSING;
+	else
+	    error = SUDO_PATH_SECURE;
+    } else {
+	error = sudo_secure_fd(fd, S_IFREG, sudoers_file_uid(),
+	    sudoers_file_gid(), &sb);
+    }
     switch (error) {
     case SUDO_PATH_SECURE:
 	/*

plugins/sudoers/sudoers.h

@@ -82,6 +82,7 @@ struct sudoers_parser_config {
     const char *sudoers_path;
     bool strict;
     bool recovery;
+    bool ignore_perms;
     int verbose;
     mode_t sudoers_mode;
     uid_t sudoers_uid;
@@ -91,6 +92,7 @@ struct sudoers_parser_config {
     NULL,	/* sudoers_path */					\
     false,	/* strict */						\
     true,	/* recovery */						\
+    false,	/* ignore_perms */					\
     1,		/* verbose level 1 */					\
     SUDOERS_MODE,							\
     SUDOERS_UID,							\