isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change intercept IPC to use a localhost socket instead of inherited fd.

Browse Source 
This allows intercept mode to work with shells that close all open
fds upon startup.  The ctor in sudo_intercept.so requests the port
number and secret over the socket inherited from the parent then
closes it.  For each policy request, a TCP connection is made to
the sudo parent process to perform the policy check.  Child processes
re-use the TCP socket to request the port number and secret just like
the initial process started by sudo does.
This commit is contained in:
Todd C. Miller
2021-08-25 14:24:36 -06:00
parent 448536e0f7
commit c465d8971d
11 changed files with 1067 additions and 632 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/sudo_exec.h
View File

@@ -80,7 +80,6 @@
#define SESH_ERR_SOME_FILES 33 /* copy error, some files copied */
#define INTERCEPT_FD_MIN 64 /* minimum fd so shell won't close it */
#define INTERCEPT_REQ_SEC 42 /* request intercept secret */
#define MESSAGE_SIZE_MAX 2097152 /* 2Mib max intercept message size */
/*
@@ -88,19 +87,22 @@
*/
struct command_details;
struct command_status;
struct sudo_event_base;
struct stat;
/* exec.c */
void exec_cmnd(struct command_details *details, int intercept_fd, int errfd);
void terminate_command(pid_t pid, bool use_pgrp);
bool sudo_terminated(struct command_status *cstat);
void intercept_fd_cb(int fd, int what, void *v);
/* exec_common.c */
int sudo_execve(int fd, const char *path, char *const argv[], char *envp[], int intercept_fd, int flags);
char **disable_execute(char *envp[], const char *dso);
char **enable_monitor(char *envp[], const char *dso);
/* exec_intercept.c */
bool intercept_setup(int fd, struct sudo_event_base *evbase, struct command_details *details);
/* exec_nopty.c */
void exec_nopty(struct command_details *details, struct command_status *cstat);