Initialize intercept_allow_setid to true if we use ptrace(2) and seccomp(2).

2022-05-04 13:32:28 -06:00
parent e84fdd99fd
commit 4ab6a87b96
11 changed files with 66 additions and 43 deletions
--- a/src/sudo.c
+++ b/src/sudo.c
@@ -863,6 +863,12 @@ command_info_to_details(char * const info[], struct command_details *details)
 	}
    }

+    if (ISSET(details->flags, CD_INTERCEPT|CD_LOG_SUBCMDS)) {
+	/* Use ptrace(2) for intercept/log_subcmds if possible. */
+	if (sudo_settings[ARG_INTERCEPT_SETID].value != NULL)
+	    SET(details->flags, CD_USE_PTRACE);
+    }
+
    if (!ISSET(details->flags, CD_SET_EUID))
 	details->cred.euid = details->cred.uid;
    if (!ISSET(details->flags, CD_SET_EGID))