isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add a comment to verify_import() to clarify its purpose.

Browse Source
This commit is contained in:
Todd C. Miller
2021-01-06 19:16:26 -07:00
parent 4e11bc0e26
commit 4603da02af
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/python/python_importblocker.c
View File

@@ -35,6 +35,8 @@ _verify_import(const char *file_path)
{ {
debug_decl(_verify_import, PYTHON_DEBUG_INTERNAL); debug_decl(_verify_import, PYTHON_DEBUG_INTERNAL);
// Check mode and owner similar to what we do in open_sudoers().
// This is to help avoid loading a potentially insecure module.
struct stat sb; struct stat sb;
if (stat(file_path, &sb) != 0) { if (stat(file_path, &sb) != 0) {
PyErr_Format(PyExc_ImportError, "Failed to stat file '%s'", file_path); PyErr_Format(PyExc_ImportError, "Failed to stat file '%s'", file_path);