isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Need to be root when switching to a different user.

Browse Source
This commit is contained in:
Todd C. Miller
2016-01-18 13:12:50 -07:00
parent 9f481f128d
commit 4b96e94f37
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/sudo_edit.c
View File

@@ -254,8 +254,21 @@ dir_is_writable(int dfd, struct user_details *ud, struct command_details *cd)
debug_decl(dir_is_writable, SUDO_DEBUG_EDIT) debug_decl(dir_is_writable, SUDO_DEBUG_EDIT)
int rc; int rc;
/* Change uid/gid/groups to invoking user, usually needs root perms. */
if (cd->euid != ROOT_UID) {
if (seteuid(ROOT_UID) != 0)
sudo_fatal("seteuid(ROOT_UID)");
}
switch_user(ud->uid, ud->gid, ud->ngroups, ud->groups); switch_user(ud->uid, ud->gid, ud->ngroups, ud->groups);
/* Access checks are done using the euid/egid and group vector. */
rc = faccessat(dfd, ".", W_OK, AT_EACCESS); rc = faccessat(dfd, ".", W_OK, AT_EACCESS);
/* Change uid/gid/groups back to target user, may need root perms. */
if (ud->uid != ROOT_UID) {
if (seteuid(ROOT_UID) != 0)
sudo_fatal("seteuid(ROOT_UID)");
}
switch_user(cd->euid, cd->egid, cd->ngroups, cd->groups); switch_user(cd->euid, cd->egid, cd->ngroups, cd->groups);
if (rc == 0) if (rc == 0)