Avoid TOCTOU in sudo_mkdir_parents() using openat(2) and mkdirat(2).

This also allows us to make path const as it should be.
2021-12-11 08:35:18 -07:00
parent 55db239243
commit c13b21c199
12 changed files with 192 additions and 43 deletions
--- a/plugins/sudoers/timestamp.c
+++ b/plugins/sudoers/timestamp.c
@@ -185,7 +185,7 @@ ts_find_record(int fd, struct timestamp_entry *key, struct timestamp_entry *entr
 * Returns false on failure and displays a warning to stderr.
 */
 static bool
-ts_mkdirs(char *path, uid_t owner, gid_t group, mode_t mode,
+ts_mkdirs(const char *path, uid_t owner, gid_t group, mode_t mode,
    mode_t parent_mode, bool quiet)
 {
    bool ret;