isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Main sudo should not block signals; the plugin should do this in

Browse Source 
check_policy.
This commit is contained in:
Todd C. Miller
2010-04-01 06:35:19 -04:00
parent ca2eee07b5
commit 44341c9c15
3 changed files with 0 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
plugins/sudoers/sudoers.c
View File

@@ -194,7 +194,6 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
return -1;
}
/* XXX - signal setup duplicated in sudo.c */
/*
* Signal setup:
* Ignore keyboard-generated signals so the user cannot interrupt

16
src/sudo.c
View File

@@ -105,12 +105,10 @@ struct user_details user_details;
#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
static struct rlimit corelimit;
#endif /* RLIMIT_CORE && !SUDO_DEVEL */
sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
int
main(int argc, char *argv[], char *envp[])
{
sigaction_t sa;
int nargc, sudo_mode;
char **nargv, **settings, **env_add;
char **user_info, **command_info, **argv_out, **user_env_out;
@@ -134,20 +132,6 @@ main(int argc, char *argv[], char *envp[])
if (geteuid() != 0)
errorx(1, "must be setuid root");
/*
* Signal setup:
* Ignore keyboard-generated signals so the user cannot interrupt
* us at some point and avoid the logging.
* XXX - leave this to the plugin?
*/
zero_bytes(&sa, sizeof(sa));
sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART;
sa.sa_handler = SIG_IGN;
(void) sigaction(SIGINT, &sa, &saved_sa_int);
(void) sigaction(SIGQUIT, &sa, &saved_sa_quit);
(void) sigaction(SIGTSTP, &sa, &saved_sa_tstp);
/* Turn off core dumps and make sure fds 0-2 are open. */
disable_coredumps();
fix_fds();

6
src/sudo_edit.c
View File

@@ -55,7 +55,6 @@
#include "sudo.h"
extern sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
extern char **environ;
static char *find_editor();
@@ -211,9 +210,6 @@ sudo_edit(int argc, char **argv, char **envp)
nargv[ac++] = tf[i++].tfile;
nargv[ac] = NULL;
/* Allow the editor to be suspended. */
(void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
/*
* Fork and exec the editor with the invoking user's creds,
* keeping track of the time spent in the editor.
@@ -225,8 +221,6 @@ sudo_edit(int argc, char **argv, char **envp)
goto cleanup;
} else if (kidpid == 0) {
/* child */
(void) sigaction(SIGINT, &saved_sa_int, NULL);
(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
set_perms(PERM_FULL_USER);
closefrom(def_closefrom);
execvp(nargv[0], nargv);