Pass a secret value to sudo_intercept.so and verify after policy check.

The goal is to make it harder for someone to have a fake policy checker.
This will not stop a determined adversary since the secret is present
in the address space of the running process.
Todd C. Miller
2021-08-13 09:10:44 -06:00
parent c9d9225469
commit eaf03a382b
8 changed files with 57 additions and 7 deletions

@@ -80,6 +80,7 @@
#define SESH_ERR_SOME_FILES 33 /* copy error, some files copied */
#define INTERCEPT_FD_MIN 64 /* minimum fd so shell won't close it */
#define INTERCEPT_REQ_SEC 42 /* request intercept secret */
#define MESSAGE_SIZE_MAX 2097152 /* 2Mib max intercept message size */
/*
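Review bot: the comment on INTERCEPT_REQ_SEC, "request intercept secret", does not say what kind of value 42 is; sitting after the SESH_ERR_* codes and next to an fd minimum, it can be read as an exit code, a message type, or the secret itself. Suggest wording the comment so it names the value as a request code and makes clear that it is not the secret, since the commit message describes the secret as a value held in the address space of the running process and a fixed constant should not be mistaken for it. Minor: "2Mib" in the MESSAGE_SIZE_MAX comment should read "2MiB", as 2097152 is a byte count.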