Implement umask_override
This commit is contained in:
Todd C. Miller
@@ -310,6 +310,10 @@ struct sudo_defs_types sudo_defs_table[] = {
|
|||||||
"fast_glob", T_FLAG,
|
"fast_glob", T_FLAG,
|
||||||
"Use faster globbing that is less accurate but does not access the filesystem",
|
"Use faster globbing that is less accurate but does not access the filesystem",
|
||||||
NULL,
|
NULL,
|
||||||
|
}, {
|
||||||
|
"umask_override", T_FLAG,
|
||||||
|
"The umask specified in sudoers will override the user's, even if it is more permissive",
|
||||||
|
NULL,
|
||||||
}, {
|
}, {
|
||||||
NULL, 0, NULL
|
NULL, 0, NULL
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -142,6 +142,8 @@
|
|||||||
#define I_PWFEEDBACK 70
|
#define I_PWFEEDBACK 70
|
||||||
#define def_fast_glob (sudo_defs_table[71].sd_un.flag)
|
#define def_fast_glob (sudo_defs_table[71].sd_un.flag)
|
||||||
#define I_FAST_GLOB 71
|
#define I_FAST_GLOB 71
|
||||||
|
#define def_umask_override (sudo_defs_table[72].sd_un.flag)
|
||||||
|
#define I_UMASK_OVERRIDE 72
|
||||||
|
|
||||||
enum def_tupple {
|
enum def_tupple {
|
||||||
never,
|
never,
|
||||||
|
|||||||
@@ -229,3 +229,6 @@ pwfeedback
|
|||||||
fast_glob
|
fast_glob
|
||||||
T_FLAG
|
T_FLAG
|
||||||
"Use faster globbing that is less accurate but does not access the filesystem"
|
"Use faster globbing that is less accurate but does not access the filesystem"
|
||||||
|
umask_override
|
||||||
|
T_FLAG
|
||||||
|
"The umask specified in sudoers will override the user's, even if it is more permissive"
|
||||||
|
|||||||
20
sudo.c
20
sudo.c
@@ -453,14 +453,19 @@ main(argc, argv, envp)
|
|||||||
exit(rc);
|
exit(rc);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Override user's umask if configured to do so.
|
* Set umask based on sudoers.
|
||||||
* If user's umask is more restrictive, OR in those bits too.
|
* If user's umask is more restrictive, OR in those bits too
|
||||||
|
* unless umask_override is set.
|
||||||
*/
|
*/
|
||||||
if (def_umask != 0777) {
|
if (def_umask != 0777) {
|
||||||
mode_t mask = umask(def_umask);
|
if (def_umask_override) {
|
||||||
mask |= def_umask;
|
umask(def_umask);
|
||||||
if (mask != def_umask)
|
} else {
|
||||||
umask(mask);
|
mode_t mask = umask(def_umask);
|
||||||
|
mask |= def_umask;
|
||||||
|
if (mask != def_umask)
|
||||||
|
umask(mask);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Restore coredumpsize resource limit. */
|
/* Restore coredumpsize resource limit. */
|
||||||
@@ -537,7 +542,8 @@ main(argc, argv, envp)
|
|||||||
NewArgv[0] = "sh";
|
NewArgv[0] = "sh";
|
||||||
NewArgv[1] = safe_cmnd;
|
NewArgv[1] = safe_cmnd;
|
||||||
execv(_PATH_BSHELL, NewArgv);
|
execv(_PATH_BSHELL, NewArgv);
|
||||||
} warning("unable to execute %s", safe_cmnd);
|
}
|
||||||
|
warning("unable to execute %s", safe_cmnd);
|
||||||
exit(127);
|
exit(127);
|
||||||
} else if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) {
|
} else if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) {
|
||||||
audit_failure(NewArgv, "No user or host");
|
audit_failure(NewArgv, "No user or host");
|
||||||
|
|||||||
@@ -781,6 +781,15 @@ the user running it. With this flag enabled, B<sudo> will use a
|
|||||||
file named for the tty the user is logged in on in that directory.
|
file named for the tty the user is logged in on in that directory.
|
||||||
This flag is I<@tty_tickets@> by default.
|
This flag is I<@tty_tickets@> by default.
|
||||||
|
|
||||||
|
=item umask_override
|
||||||
|
|
||||||
|
If set, B<sudo> will set the umask as specified by I<sudoers> without
|
||||||
|
modification. This makes it possible to specify a more permissive
|
||||||
|
umask in I<sudoers> than the user's own umask and matches historical
|
||||||
|
behavior. If I<umask_override> is not set, B<sudo> will set the
|
||||||
|
umask to be the union of the user's umask and what is specified in
|
||||||
|
I<sudoers>. This flag is I<off> by default.
|
||||||
|
|
||||||
=item use_loginclass
|
=item use_loginclass
|
||||||
|
|
||||||
If set, B<sudo> will apply the defaults specified for the target user's
|
If set, B<sudo> will apply the defaults specified for the target user's
|
||||||
|
|||||||
Reference in New Issue
Block a user