isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pass in directory to check_user_runchroot() and check_user_runcwd().

Browse Source 
This way we do not rely on the runas_ctx global.
This commit is contained in:
Todd C. Miller
2023-08-14 13:25:13 -06:00
parent 2e8648ea0f
commit 737354390c
5 changed files with 20 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
plugins/sudoers/check_util.c
View File

@@ -57,28 +57,27 @@ check_user_shell(const struct passwd *pw)
} }
/* /*
* Check whether runas_ctx.chroot matches def_runchroot. * Check whether specified runchroot matches def_runchroot.
* Returns true if matched, false if not matched and -1 on error. * Returns true if matched, false if not matched and -1 on error.
*/ */
int int
check_user_runchroot(void) check_user_runchroot(const char *runchroot)
{ {
debug_decl(check_user_runchroot, SUDOERS_DEBUG_AUTH); debug_decl(check_user_runchroot, SUDOERS_DEBUG_AUTH);
if (runas_ctx.chroot == NULL) if (runchroot == NULL)
debug_return_bool(true); debug_return_bool(true);
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"def_runchroot %s, runas_ctx.chroot %s", "def_runchroot %s, runchroot %s",
def_runchroot ? def_runchroot : "none", def_runchroot ? def_runchroot : "none", runchroot ? runchroot : "none");
runas_ctx.chroot ? runas_ctx.chroot : "none");
/* User may only specify a root dir if runchroot is "*" */ /* User may only specify a root dir if runchroot is "*" */
if (def_runchroot == NULL || strcmp(def_runchroot, "*") != 0) if (def_runchroot == NULL || strcmp(def_runchroot, "*") != 0)
debug_return_bool(false); debug_return_bool(false);
free(def_runchroot); free(def_runchroot);
if ((def_runchroot = strdup(runas_ctx.chroot)) == NULL) { if ((def_runchroot = strdup(runchroot)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(-1); debug_return_int(-1);
} }
@@ -86,28 +85,27 @@ check_user_runchroot(void)
} }
/* /*
* Check whether runas_ctx.cwd matches def_runcwd. * Check whether specified runcwd matches def_runcwd.
* Returns true if matched, false if not matched and -1 on error. * Returns true if matched, false if not matched and -1 on error.
*/ */
int int
check_user_runcwd(void) check_user_runcwd(const char *runcwd)
{ {
debug_decl(check_user_runcwd, SUDOERS_DEBUG_AUTH); debug_decl(check_user_runcwd, SUDOERS_DEBUG_AUTH);
if (runas_ctx.cwd == NULL) if (runcwd == NULL)
debug_return_bool(true); debug_return_bool(true);
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"def_runcwd %s, runas_ctx.cwd %s", "def_runcwd %s, runcwd %s", def_runcwd ? def_runcwd : "none",
def_runcwd ? def_runcwd : "none", runcwd ? runcwd : "none");
runas_ctx.cwd ? runas_ctx.cwd : "none");
/* User may only specify a cwd if runcwd is "*" */ /* User may only specify a cwd if runcwd is "*" */
if (def_runcwd == NULL || strcmp(def_runcwd, "*") != 0) if (def_runcwd == NULL || strcmp(def_runcwd, "*") != 0)
debug_return_bool(false); debug_return_bool(false);
free(def_runcwd); free(def_runcwd);
if ((def_runcwd = strdup(runas_ctx.cwd)) == NULL) { if ((def_runcwd = strdup(runcwd)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(-1); debug_return_int(-1);
} }

4
plugins/sudoers/regress/fuzz/fuzz_policy.c
View File

@@ -713,14 +713,14 @@ check_user(unsigned int validated, unsigned int mode)
/* STUB */ /* STUB */
int int
check_user_runchroot(void) check_user_runchroot(const char *runchroot)
{ {
return true; return true;
} }
/* STUB */ /* STUB */
int int
check_user_runcwd(void) check_user_runcwd(const char *runcwd)
{ {
return true; return true;
} }

4
plugins/sudoers/sudoers.c
View File

@@ -488,7 +488,7 @@ sudoers_check_common(int pwflag)
} }
/* Check whether runas_ctx.chroot is permitted (if specified). */ /* Check whether runas_ctx.chroot is permitted (if specified). */
switch (check_user_runchroot()) { switch (check_user_runchroot(runas_ctx.chroot)) {
case true: case true:
break; break;
case false: case false:
@@ -503,7 +503,7 @@ sudoers_check_common(int pwflag)
} }
/* Check whether runas_ctx.cwd is permitted (if specified). */ /* Check whether runas_ctx.cwd is permitted (if specified). */
switch (check_user_runcwd()) { switch (check_user_runcwd(runas_ctx.cwd)) {
case true: case true:
break; break;
case false: case false:

4
plugins/sudoers/sudoers.h
View File

@@ -264,8 +264,8 @@ bool user_is_exempt(void);
/* check_util.c */ /* check_util.c */
bool check_user_shell(const struct passwd *pw); bool check_user_shell(const struct passwd *pw);
int check_user_runchroot(void); int check_user_runchroot(const char *runchroot);
int check_user_runcwd(void); int check_user_runcwd(const char *runcwd);
/* prompt.c */ /* prompt.c */
char *expand_prompt(const char *old_prompt, const char *auth_user); char *expand_prompt(const char *old_prompt, const char *auth_user);

4
plugins/sudoers/testsudoers.c
View File

@@ -391,13 +391,13 @@ main(int argc, char *argv[])
CLR(validated, VALIDATE_SUCCESS); CLR(validated, VALIDATE_SUCCESS);
SET(validated, VALIDATE_FAILURE); SET(validated, VALIDATE_FAILURE);
} }
if (check_user_runchroot() != true) { if (check_user_runchroot(runas_ctx.chroot) != true) {
printf("\nUser %s is not allowed to change root directory to %s\n", printf("\nUser %s is not allowed to change root directory to %s\n",
user_ctx.name, runas_ctx.chroot); user_ctx.name, runas_ctx.chroot);
CLR(validated, VALIDATE_SUCCESS); CLR(validated, VALIDATE_SUCCESS);
SET(validated, VALIDATE_FAILURE); SET(validated, VALIDATE_FAILURE);
} }
if (check_user_runcwd() != true) { if (check_user_runcwd(runas_ctx.cwd) != true) {
printf("\nUser %s is not allowed to change directory to %s\n", printf("\nUser %s is not allowed to change directory to %s\n",
user_ctx.name, runas_ctx.cwd); user_ctx.name, runas_ctx.cwd);
CLR(validated, VALIDATE_SUCCESS); CLR(validated, VALIDATE_SUCCESS);