isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Mark code that escapes/unescapes "sudo -s cmd args..." for removal.

Browse Source 
A future version of the plugin API will defer any such escaping
to the policy plugin so it can be configurable.
This commit is contained in:
Todd C. Miller
2022-09-29 13:43:20 -06:00
parent 63efad271a
commit afaeb0ed57
3 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/strlcpy_unesc.c
View File

@@ -29,6 +29,9 @@
#include "sudoers.h" #include "sudoers.h"
/*
* Like strlcpy() but collapses non-space chars escaped with a backslash.
*/
size_t size_t
strlcpy_unescape(char *dst, const char *src, size_t size) strlcpy_unescape(char *dst, const char *src, size_t size)
{ {

1
plugins/sudoers/sudoers.c
View File

@@ -1047,6 +1047,7 @@ set_cmnd(void)
* When running a command via a shell, the sudo front-end * When running a command via a shell, the sudo front-end
* escapes potential meta chars. We unescape non-spaces * escapes potential meta chars. We unescape non-spaces
* for sudoers matching and logging purposes. * for sudoers matching and logging purposes.
* TODO: move escaping to the policy plugin instead
*/ */
user_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape); user_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape);
} else { } else {

1
src/parse_args.c
View File

@@ -606,6 +606,7 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
/* /*
* For shell mode we need to rewrite argv * For shell mode we need to rewrite argv
* TODO: move this to the policy plugin and make escaping configurable
*/ */
if (ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL) && ISSET(mode, MODE_RUN)) { if (ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL) && ISSET(mode, MODE_RUN)) {
char **av, *cmnd = NULL; char **av, *cmnd = NULL;