isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

When listing a user's privileges, always prompt the user for their

Browse Source 
own password, regardless of the value of target_pw, root_pw or
runas_pw.
This commit is contained in:
Todd C. Miller
2014-01-29 15:19:45 -07:00
parent 5a636f2ea1
commit db3b776277
5 changed files with 53 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@@ -4,6 +4,10 @@ What's new in Sudo 1.8.10?
sudo.conf by changing the value of the probe_interfaces sudo.conf by changing the value of the probe_interfaces
setting. setting.
* When listing a user's privileges (sudo -l), the sudoers plugin
will now prompt for the user's password even if the targetpw,
rootpw or runaspw options are set.
What's new in Sudo 1.8.9p4? What's new in Sudo 1.8.9p4?
* Fixed a bug where sudo could consume large amounts of CPU while * Fixed a bug where sudo could consume large amounts of CPU while

23
doc/sudoers.cat
View File

@@ -1120,13 +1120,15 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
This flag is _o_n by default. This flag is _o_n by default.
rootpw If set, ssuuddoo will prompt for the root password instead rootpw If set, ssuuddoo will prompt for the root password instead
of the password of the invoking user. This flag is _o_f_f of the password of the invoking user when running a
by default. command or editing a file. This flag is _o_f_f by
default.
runaspw If set, ssuuddoo will prompt for the password of the user runaspw If set, ssuuddoo will prompt for the password of the user
defined by the _r_u_n_a_s___d_e_f_a_u_l_t option (defaults to root) defined by the _r_u_n_a_s___d_e_f_a_u_l_t option (defaults to root)
instead of the password of the invoking user. This instead of the password of the invoking user when
flag is _o_f_f by default. running a command or editing a file. This flag is _o_f_f
by default.
set_home If enabled and ssuuddoo is invoked with the --ss option the set_home If enabled and ssuuddoo is invoked with the --ss option the
HOME environment variable will be set to the home HOME environment variable will be set to the home
@@ -1185,11 +1187,12 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
targetpw If set, ssuuddoo will prompt for the password of the user targetpw If set, ssuuddoo will prompt for the password of the user
specified by the --uu option (defaults to root) instead specified by the --uu option (defaults to root) instead
of the password of the invoking user. In addition, the of the password of the invoking user when running a
time stamp file name will include the target user's command or editing a file. In addition, the time stamp
name. Note that this flag precludes the use of a uid file name will include the target user's name. Note
not listed in the passwd database as an argument to the that this flag precludes the use of a uid not listed in
--uu option. This flag is _o_f_f by default. the passwd database as an argument to the --uu option.
This flag is _o_f_f by default.
tty_tickets If set, users must authenticate on a per-tty basis. tty_tickets If set, users must authenticate on a per-tty basis.
With this flag enabled, ssuuddoo will use a file named for With this flag enabled, ssuuddoo will use a file named for
@@ -2292,4 +2295,4 @@ DDIISSCCLLAAIIMMEERR
file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
complete details. complete details.
Sudo 1.8.9 January 1, 2014 Sudo 1.8.9 Sudo 1.8.10 January 29, 2014 Sudo 1.8.10

11
doc/sudoers.man.in
View File

@@ -21,7 +21,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\" .\"
.TH "SUDOERS" "@mansectsu@" "January 1, 2014" "Sudo @PACKAGE_VERSION@" "Programmer's Manual" .TH "SUDOERS" "@mansectsu@" "January 29, 2014" "Sudo @PACKAGE_VERSION@" "Programmer's Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -2366,7 +2366,8 @@ by default.
rootpw rootpw
If set, If set,
\fBsudo\fR \fBsudo\fR
will prompt for the root password instead of the password of the invoking user. will prompt for the root password instead of the password of the invoking user
when running a command or editing a file.
This flag is This flag is
\fIoff\fR \fIoff\fR
by default. by default.
@@ -2378,7 +2379,8 @@ will prompt for the password of the user defined by the
\fIrunas_default\fR \fIrunas_default\fR
option (defaults to option (defaults to
\fR@runas_default@\fR) \fR@runas_default@\fR)
instead of the password of the invoking user. instead of the password of the invoking user
when running a command or editing a file.
This flag is This flag is
\fIoff\fR \fIoff\fR
by default. by default.
@@ -2521,7 +2523,8 @@ by the
\fB\-u\fR \fB\-u\fR
option (defaults to option (defaults to
\fRroot\fR) \fRroot\fR)
instead of the password of the invoking user. instead of the password of the invoking user
when running a command or editing a file.
In addition, the time stamp file name will include the target user's name. In addition, the time stamp file name will include the target user's name.
Note that this flag precludes the use of a uid not listed in the passwd Note that this flag precludes the use of a uid not listed in the passwd
database as an argument to the database as an argument to the

11
doc/sudoers.mdoc.in
View File

@@ -19,7 +19,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\" .\"
.Dd January 1, 2014 .Dd January 29, 2014
.Dt SUDOERS @mansectform@ .Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -2209,7 +2209,8 @@ by default.
.It rootpw .It rootpw
If set, If set,
.Nm sudo .Nm sudo
will prompt for the root password instead of the password of the invoking user. will prompt for the root password instead of the password of the invoking user
when running a command or editing a file.
This flag is This flag is
.Em off .Em off
by default. by default.
@@ -2220,7 +2221,8 @@ will prompt for the password of the user defined by the
.Em runas_default .Em runas_default
option (defaults to option (defaults to
.Li @runas_default@ ) .Li @runas_default@ )
instead of the password of the invoking user. instead of the password of the invoking user
when running a command or editing a file.
This flag is This flag is
.Em off .Em off
by default. by default.
@@ -2356,7 +2358,8 @@ by the
.Fl u .Fl u
option (defaults to option (defaults to
.Li root ) .Li root )
instead of the password of the invoking user. instead of the password of the invoking user
when running a command or editing a file.
In addition, the time stamp file name will include the target user's name. In addition, the time stamp file name will include the target user's name.
Note that this flag precludes the use of a uid not listed in the passwd Note that this flag precludes the use of a uid not listed in the passwd
database as an argument to the database as an argument to the

38
plugins/sudoers/check.c
View File

@@ -53,7 +53,7 @@
#include "check.h" #include "check.h"
static bool display_lecture(int); static bool display_lecture(int);
static struct passwd *get_authpw(void); static struct passwd *get_authpw(int);
/* /*
* Returns true if the user successfully authenticates, false if not * Returns true if the user successfully authenticates, false if not
@@ -123,7 +123,7 @@ check_user(int validated, int mode)
* Init authentication system regardless of whether we need a password. * Init authentication system regardless of whether we need a password.
* Required for proper PAM session support. * Required for proper PAM session support.
*/ */
auth_pw = get_authpw(); auth_pw = get_authpw(mode);
if (sudo_auth_init(auth_pw) == -1) { if (sudo_auth_init(auth_pw) == -1) {
rval = -1; rval = -1;
goto done; goto done;
@@ -217,26 +217,32 @@ user_is_exempt(void)
* case, this matches sudo_user.pw or runas_pw. * case, this matches sudo_user.pw or runas_pw.
*/ */
static struct passwd * static struct passwd *
get_authpw(void) get_authpw(int mode)
{ {
struct passwd *pw; struct passwd *pw;
debug_decl(get_authpw, SUDO_DEBUG_AUTH) debug_decl(get_authpw, SUDO_DEBUG_AUTH)
if (def_rootpw) { if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL) /* In list mode we always prompt for the user's password. */
log_fatal(0, N_("unknown uid: %u"), ROOT_UID);
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_fatal(0, N_("unknown user: %s"), def_runas_default);
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL)
log_fatal(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
sudo_pw_addref(runas_pw);
pw = runas_pw;
} else {
sudo_pw_addref(sudo_user.pw); sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw; pw = sudo_user.pw;
} else {
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
log_fatal(0, N_("unknown uid: %u"), ROOT_UID);
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_fatal(0, N_("unknown user: %s"), def_runas_default);
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL)
log_fatal(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
sudo_pw_addref(runas_pw);
pw = runas_pw;
} else {
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
}
} }
debug_return_ptr(pw); debug_return_ptr(pw);