added anti-spoofing support
This commit is contained in:
Todd C. Miller
25
sudo.c
25
sudo.c
@@ -126,6 +126,7 @@ char *prompt = PASSPROMPT;
|
|||||||
char host[MAXHOSTNAMELEN + 1];
|
char host[MAXHOSTNAMELEN + 1];
|
||||||
char cwd[MAXPATHLEN + 1];
|
char cwd[MAXPATHLEN + 1];
|
||||||
uid_t uid = (uid_t)-2;
|
uid_t uid = (uid_t)-2;
|
||||||
|
struct stat cmnd_st;
|
||||||
extern struct interface *interfaces;
|
extern struct interface *interfaces;
|
||||||
extern int num_interfaces;
|
extern int num_interfaces;
|
||||||
extern int printmatches;
|
extern int printmatches;
|
||||||
@@ -234,10 +235,30 @@ main(argc, argv)
|
|||||||
exit(0);
|
exit(0);
|
||||||
set_perms(PERM_FULL_ROOT);
|
set_perms(PERM_FULL_ROOT);
|
||||||
#ifndef GPROF
|
#ifndef GPROF
|
||||||
if (sudo_mode == MODE_BACKGROUND && fork() > 0)
|
if (sudo_mode == MODE_BACKGROUND && fork() > 0) {
|
||||||
exit(0);
|
exit(0);
|
||||||
else
|
} else {
|
||||||
|
struct stat st;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Make sure we are not being spoofed. The stat should
|
||||||
|
* be cheap enough to make this almost bulletproof.
|
||||||
|
*/
|
||||||
|
if (stat(cmnd, &st) < 0) {
|
||||||
|
fprintf(stderr, "%s: unable to stat %s:", Argv[0], cmnd);
|
||||||
|
perror("");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (st.st_dev != cmnd_st.st_dev || st.st_ino != cmnd_st.st_ino) {
|
||||||
|
/* log and send mail, then bitch */
|
||||||
|
log_error(SPOOF_ATTEMPT);
|
||||||
|
inform_user(SPOOF_ATTEMPT);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
EXEC(cmnd, &Argv[1]);
|
EXEC(cmnd, &Argv[1]);
|
||||||
|
}
|
||||||
#else
|
#else
|
||||||
exit(0);
|
exit(0);
|
||||||
#endif /* GPROF */
|
#endif /* GPROF */
|
||||||
|
|||||||
Reference in New Issue
Block a user