Call the approval plugin after the policy plugin accepts a command.
Previously, for intercepted commands we only called the policy plugin.
16
src/exec.c
16
src/exec.c
@@ -582,8 +582,6 @@ intercept_check_policy(PolicyCheckRequest *req,
|
||||
|
||||
switch (ok) {
|
||||
case 1:
|
||||
/* TODO: call approval plugin too */
|
||||
|
||||
/* Extract command path from command_info[] */
|
||||
if (command_info != NULL) {
|
||||
for (n = 0; command_info[n] != NULL; n++) {
|
||||
@@ -640,11 +638,16 @@ intercept_check_policy(PolicyCheckRequest *req,
|
||||
}
|
||||
closure->run_envp[n] = NULL;
|
||||
|
||||
/* Audit the event twice: once for the plugin, once for sudo. */
|
||||
audit_accept(policy_plugin.name, SUDO_POLICY_PLUGIN, command_info,
|
||||
closure->run_argv, closure->run_envp);
|
||||
audit_accept("sudo", SUDO_FRONT_END, command_info,
|
||||
closure->run_argv, closure->run_envp);
|
||||
|
||||
/* Call approval plugins and audit the result. */
|
||||
if (!approval_check(command_info, closure->run_argv, closure->run_envp))
|
||||
debug_return_int(0);
|
||||
|
||||
/* Audit the event again for the sudo front-end. */
|
||||
audit_accept("sudo", SUDO_FRONT_END, command_info, closure->run_argv,
|
||||
closure->run_envp);
|
||||
debug_return_int(1);
|
||||
case 0:
|
||||
if (*errstr == NULL)
|
||||
@@ -743,8 +746,7 @@ intercept_read(int fd, struct intercept_closure *closure)
|
||||
ret = true;
|
||||
|
||||
done:
|
||||
// XXX
|
||||
//intercept_message__free_unpacked(msg, NULL);
|
||||
intercept_message__free_unpacked(msg, NULL);
|
||||
free(buf);
|
||||
debug_return_bool(ret);
|
||||
}
|
||||
|
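Review bot: Re-enabling `intercept_message__free_unpacked(msg, NULL);` at `done:` is only safe if nothing reachable through `closure` still points into the unpacked message once intercept_read returns; the removed `// XXX` suggests the free was disabled for a reason, and whether the argv/envp/command strings later handed to the policy and approval plugins are copied or alias msg's storage is not visible in this hunk. It is also worth confirming that every path jumping to `done:` has `msg` either NULL or a valid unpacked message, and that the generated free routine accepts NULL, rather than relying on that silently. Replace the deleted `// XXX` with a comment recording the ownership once verified, e.g. `/* closure keeps its own copies; msg may be released here. */`. The function's start is outside the hunk.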
@@ -123,14 +123,12 @@ static void iolog_show_version(int verbose, int argc, char * const argv[],
|
||||
static void unlink_plugin(struct plugin_container_list *plugin_list, struct plugin_container *plugin);
|
||||
static void free_plugin_container(struct plugin_container *plugin, bool ioplugin);
|
||||
|
||||
/* Audit plugin convenience functions. */
|
||||
/* Audit plugin convenience functions (some are public). */
|
||||
static void audit_open(void);
|
||||
static void audit_close(int exit_status, int error);
|
||||
static void audit_show_version(int verbose);
|
||||
|
||||
/* Approval plugin convenience functions. */
|
||||
static bool approval_check(char * const command_info[], char * const run_argv[],
|
||||
char * const run_envp[]);
|
||||
/* Approval plugin convenience functions (some are public). */
|
||||
static void approval_show_version(int verbose);
|
||||
|
||||
sudo_dso_public int main(int argc, char *argv[], char *envp[]);
|
||||
@@ -1832,7 +1830,7 @@ approval_show_version(int verbose)
|
||||
* This is a "one-shot" plugin that has no open/close and is only
|
||||
* called if the policy plugin accepts the command first.
|
||||
*/
|
||||
static bool
|
||||
bool
|
||||
approval_check(char * const command_info[], char * const run_argv[],
|
||||
char * const run_envp[])
|
||||
{
|
||||
|
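Review bot: With `approval_check` now exported for the intercept path in exec.c, the block comment above it (partly outside the hunk) should spell out the contract that second caller relies on: what a false return means and whether the rejection has already been audited, since the exec.c caller returns immediately without further reporting. If that is indeed the behaviour, something like `Returns true if every approval plugin accepts the command; a false return has already been audited and reported.` would make the new call site self-explanatory. The function body continues outside the hunk.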
@@ -230,6 +230,8 @@ bool audit_reject(const char *plugin_name, unsigned int plugin_type,
|
||||
const char *audit_msg, char * const command_info[]);
|
||||
bool audit_error(const char *plugin_name, unsigned int plugin_type,
|
||||
const char *audit_msg, char * const command_info[]);
|
||||
bool approval_check(char * const command_info[], char * const run_argv[],
|
||||
char * const run_envp[]);
|
||||
extern const char *list_user;
|
||||
extern struct user_details user_details;
|
||||
extern int sudo_debug_instance;
|
||||
|