isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

When listing a user's privileges, always prompt the user for their

Browse Source 
own password, regardless of the value of target_pw, root_pw or
runas_pw.
This commit is contained in:
Todd C. Miller
2014-01-29 15:19:45 -07:00
parent 5a636f2ea1
commit db3b776277
5 changed files with 53 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@@ -4,6 +4,10 @@ What's new in Sudo 1.8.10?
sudo.conf by changing the value of the probe_interfaces
setting.
* When listing a user's privileges (sudo -l), the sudoers plugin
will now prompt for the user's password even if the targetpw,
rootpw or runaspw options are set.
What's new in Sudo 1.8.9p4?
* Fixed a bug where sudo could consume large amounts of CPU while

23
doc/sudoers.cat
View File

@@ -1120,13 +1120,15 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
This flag is _o_n by default.
rootpw If set, ssuuddoo will prompt for the root password instead
of the password of the invoking user. This flag is _o_f_f
by default.
of the password of the invoking user when running a
command or editing a file. This flag is _o_f_f by
default.
runaspw If set, ssuuddoo will prompt for the password of the user
defined by the _r_u_n_a_s___d_e_f_a_u_l_t option (defaults to root)
instead of the password of the invoking user. This
flag is _o_f_f by default.
instead of the password of the invoking user when
running a command or editing a file. This flag is _o_f_f
by default.
set_home If enabled and ssuuddoo is invoked with the --ss option the
HOME environment variable will be set to the home
@@ -1185,11 +1187,12 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
targetpw If set, ssuuddoo will prompt for the password of the user
specified by the --uu option (defaults to root) instead
of the password of the invoking user. In addition, the
time stamp file name will include the target user's
name. Note that this flag precludes the use of a uid
not listed in the passwd database as an argument to the
--uu option. This flag is _o_f_f by default.
of the password of the invoking user when running a
command or editing a file. In addition, the time stamp
file name will include the target user's name. Note
that this flag precludes the use of a uid not listed in
the passwd database as an argument to the --uu option.
This flag is _o_f_f by default.
tty_tickets If set, users must authenticate on a per-tty basis.
With this flag enabled, ssuuddoo will use a file named for
@@ -2292,4 +2295,4 @@ DDIISSCCLLAAIIMMEERR
file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
complete details.
Sudo 1.8.9 January 1, 2014 Sudo 1.8.9
Sudo 1.8.10 January 29, 2014 Sudo 1.8.10

11
doc/sudoers.man.in
View File

@@ -21,7 +21,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.TH "SUDOERS" "@mansectsu@" "January 1, 2014" "Sudo @PACKAGE_VERSION@" "Programmer's Manual"
.TH "SUDOERS" "@mansectsu@" "January 29, 2014" "Sudo @PACKAGE_VERSION@" "Programmer's Manual"
.nh
.if n .ad l
.SH "NAME"
@@ -2366,7 +2366,8 @@ by default.
rootpw
If set,
\fBsudo\fR
will prompt for the root password instead of the password of the invoking user.
will prompt for the root password instead of the password of the invoking user
when running a command or editing a file.
This flag is
\fIoff\fR
by default.
@@ -2378,7 +2379,8 @@ will prompt for the password of the user defined by the
\fIrunas_default\fR
option (defaults to
\fR@runas_default@\fR)
instead of the password of the invoking user.
instead of the password of the invoking user
when running a command or editing a file.
This flag is
\fIoff\fR
by default.
@@ -2521,7 +2523,8 @@ by the
\fB\-u\fR
option (defaults to
\fRroot\fR)
instead of the password of the invoking user.
instead of the password of the invoking user
when running a command or editing a file.
In addition, the time stamp file name will include the target user's name.
Note that this flag precludes the use of a uid not listed in the passwd
database as an argument to the

11
doc/sudoers.mdoc.in
View File

@@ -19,7 +19,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.Dd January 1, 2014
.Dd January 29, 2014
.Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
@@ -2209,7 +2209,8 @@ by default.
.It rootpw
If set,
.Nm sudo
will prompt for the root password instead of the password of the invoking user.
will prompt for the root password instead of the password of the invoking user
when running a command or editing a file.
This flag is
.Em off
by default.
@@ -2220,7 +2221,8 @@ will prompt for the password of the user defined by the
.Em runas_default
option (defaults to
.Li @runas_default@ )
instead of the password of the invoking user.
instead of the password of the invoking user
when running a command or editing a file.
This flag is
.Em off
by default.
@@ -2356,7 +2358,8 @@ by the
.Fl u
option (defaults to
.Li root )
instead of the password of the invoking user.
instead of the password of the invoking user
when running a command or editing a file.
In addition, the time stamp file name will include the target user's name.
Note that this flag precludes the use of a uid not listed in the passwd
database as an argument to the

38
plugins/sudoers/check.c
View File

@@ -53,7 +53,7 @@
#include "check.h"
static bool display_lecture(int);
static struct passwd *get_authpw(void);
static struct passwd *get_authpw(int);
/*
* Returns true if the user successfully authenticates, false if not
@@ -123,7 +123,7 @@ check_user(int validated, int mode)
* Init authentication system regardless of whether we need a password.
* Required for proper PAM session support.
*/
auth_pw = get_authpw();
auth_pw = get_authpw(mode);
if (sudo_auth_init(auth_pw) == -1) {
rval = -1;
goto done;
@@ -217,26 +217,32 @@ user_is_exempt(void)
* case, this matches sudo_user.pw or runas_pw.
*/
static struct passwd *
get_authpw(void)
get_authpw(int mode)
{
struct passwd *pw;
debug_decl(get_authpw, SUDO_DEBUG_AUTH)
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
log_fatal(0, N_("unknown uid: %u"), ROOT_UID);
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_fatal(0, N_("unknown user: %s"), def_runas_default);
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL)
log_fatal(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
sudo_pw_addref(runas_pw);
pw = runas_pw;
} else {
if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
/* In list mode we always prompt for the user's password. */
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
} else {
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
log_fatal(0, N_("unknown uid: %u"), ROOT_UID);
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_fatal(0, N_("unknown user: %s"), def_runas_default);
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL)
log_fatal(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
sudo_pw_addref(runas_pw);
pw = runas_pw;
} else {
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
}
}
debug_return_ptr(pw);