isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,232 Commits 1 Branch 0 Tags
3a8c0ca966e8ae83483d7dedb4230e6b13fec9b2
Commit Graph

249 Commits

Author SHA1 Message Date
Todd C. Miller
61bd59c733 Only block SIGINT, SIGQUIT, SIGTSTP (which can be generated from 
the keyboard).  Since we run with ruid/euid == 0 the user can't
really signal us in nasty ways.
 1999-08-27 21:02:24 +00:00
Todd C. Miller
79faf00e5d fix --enable-noargs-shell 1999-08-27 15:53:29 +00:00
Todd C. Miller
b13e8006ec Add check for LONG_IS_QUAD 
#undef MAXINT before including hpsecurity.h to silence an HP-UX warning
Check for U?LONG_LONG_MAX in snprintf.c and use LONG_IS_QUAD
 1999-08-22 09:59:28 +00:00
Todd C. Miller
275c2fc980 Run most of the code as root, not the invoking user. It doesn't really 
gain us anything to run as the user since an attacker can just have
an setuid(0) in their egg.  Running as root solves potential problems
wrt signalling.
 1999-08-20 20:37:16 +00:00
Todd C. Miller
b9746389ce Don't wait for child to finish in log_error(), let the signal handler 
get it if we are still running, else let init reap it for us.  The extra
time it takes to wait lets the user know that mail is being sent.

Install SIGCHLD handler in main() and for POSIX signals, block everything
*except* SIGCHLD.
 1999-08-19 17:45:36 +00:00
Todd C. Miller
0598093e2c sudoers_lookup() now returns a bitmap instead of an int. This makes it 
possible to express things like "failed to validate because user not listed
for this host".  Some thigns that were previously VALIDATE_FOO are now
FLAG_FOO.  This may change later on.

Reorganized code in log_auth() and sudo.c to deal with above changes.

Safer versions of push/pushcp with in the do { ... } while (0) style

parse.yacc now saves info on the stack to allow parse.c to determine
if a user was listed, but not for the host he/she tried to run on.

Added --with-mail-if-no-host option
 1999-08-19 16:30:09 +00:00
Todd C. Miller
d7ebfe06d1 o Digital UNIX needs to check for *snprintf() before -ldb is added to LIBS 
since -ldb includes a bogus snprintf().
o Add forward refs for struct mbuf and struct rtentry for Digital UNIX.
o Reorder some functions in snprintf.c to fix -Wall
o Add missing includes to fix more -Wall
 1999-08-12 16:24:10 +00:00
Todd C. Miller
145992dce2 o /etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow temp file 
o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and _PATH_SUDO_STMP -> _PATH_SUDOERS_TMP
 1999-08-06 09:37:03 +00:00
Todd C. Miller
27d6f353e2 o new defines for syslog facility and priority 
o use new print_version() functino for -V mode
 1999-08-05 10:51:02 +00:00
Todd C. Miller
014bd22934 -u flag was being ignored 1999-08-04 07:53:04 +00:00
Todd C. Miller
6b3909c780 rename validate() to the more descriptive sudoers_lookup() 1999-08-01 15:42:12 +00:00
Todd C. Miller
5a51e05e63 Sudo, not CU Sudo 1999-07-31 16:31:27 +00:00
Todd C. Miller
0d732401f4 add 4th term to license similar to term 5 in the apache license 1999-07-31 16:19:50 +00:00
Todd C. Miller
794f537eef there was a 1995 release too 1999-07-31 16:02:13 +00:00
Todd C. Miller
7fe99a8caa o no longer contains sudo 1.1/1.2 code 
o BSD copyright
o use new logging routines
o simplified flow of control
o BIND resolver additions to badenv_table
 1999-07-22 12:55:17 +00:00
Todd C. Miller
20002b5fe2 Some -Wall and kill some trailing spaces 1999-07-05 20:11:50 +00:00
Todd C. Miller
b3cd9b1f96 mention why DONT_LEAK_PATH_INFO is not the default 1999-06-14 23:47:56 +00:00
Todd C. Miller
80287c981c Move interface-related defines to interfaces.h so we don't have to include 
<netinet/in.h> everywhere.
 1999-05-17 01:36:30 +00:00
Todd C. Miller
850a52aa6f o Replace _PASSWD_LEN braindeath with our own SUDO_MAX_PASS. 
It turns out the old DES crypt does the right thing with passwords
   longert than 8 characters.
 o Fix common typo (necesary -> necessary)
 o Update TODO list
 1999-05-14 16:30:14 +00:00
Todd C. Miller
6b91a87a9f set $LOGNAME when we set $USER 1999-05-03 16:00:32 +00:00
Todd C. Miller
06e586ee7b Function names should be flush with the start of the line so they can be found trivially in an editor and with grep 1999-04-10 04:49:03 +00:00
Todd C. Miller
eecc5ce1c9 free(3) is already void, no need to cast it 1999-04-10 04:40:57 +00:00
Todd C. Miller
8e8fbc251e catch case where cmnd_safe is not set (this should not be possible) 1999-04-10 04:37:35 +00:00
Todd C. Miller
59b0cff8cf Stash the "safe" path (ie: the one listed in sudoers) to the command instead 
of stashing the struct stat.  Should be safer.
 1999-04-10 04:10:01 +00:00
Todd C. Miller
499e869237 Add VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a command 
but the NOPASSWD flag was set.
Make runasspec, runaslist, runasuser, and nopasswd typeless in parse.yacc
Add support for '!' in the runas list
Fix double printing of '%' and '+' for groups and netgroups respectively
Add *_matched macros (no need for local stack variable).  Should only be
used directly after a pop (since top must be >= 2).
 1999-04-06 05:00:29 +00:00
Todd C. Miller
e6deacb6c4 Crank version to 1.6 and combine copyright statements 1999-04-05 20:57:25 +00:00
Todd C. Miller
1b56f53a40 Make sudo's usage info better when mutually exclusive args are given and don't rely on argument order to detect this; nick@zeta.org.au 1999-03-30 06:01:46 +00:00
Todd C. Miller
79c46d1c81 ++version 1999-03-29 04:05:15 +00:00
Todd C. Miller
382ef75493 Use emalloc/erealloc/estrdup 1999-03-29 02:59:34 +00:00
Todd C. Miller
c74286542b shost must be set before log functions are called #ifdef HOST_IN_LOG 1999-03-13 18:37:57 +00:00
Todd C. Miller
f9b80fcad4 add cast for strdup in places it does not have it 1999-02-11 06:41:32 +00:00
Todd C. Miller
52916f16ac add explicate copyright 1999-02-03 04:32:19 +00:00
Todd C. Miller
e6f9653f79 Don't clobber errno after calling check_sudoers(). 1999-02-02 22:54:04 +00:00
Todd C. Miller
826fe213f2 add sudo tags 1999-01-17 23:16:20 +00:00
Todd C. Miller
d3aaf52283 crank version and regen files 1999-01-17 22:40:55 +00:00
Todd C. Miller
3983a7a651 kerb5 support from fcusack@iconnet.net 1999-01-17 22:08:55 +00:00
Todd C. Miller
62dba8f4d1 more -Wall 1998-11-18 04:16:13 +00:00
Todd C. Miller
c253188f55 -Wall 1998-11-18 03:51:10 +00:00
Todd C. Miller
ba5a24cfc3 add missing inform_user() 1998-11-16 22:38:27 +00:00
Todd C. Miller
53969f978f add "ignoring foo found in ." for auth successful case 1998-11-10 00:15:04 +00:00
Todd C. Miller
b82d683a3b add missing printf param 1998-11-09 22:57:52 +00:00
Todd C. Miller
0900eabf3b go back to printing "command not found" unless --disable-path-info 
specified.  Also, tell user when we ignore '.' in their path and
it would have been used but for --with-ignore-dot.
 1998-11-08 20:56:52 +00:00
Todd C. Miller
0b9e318b75 Only one space after a colon, not two, in printf's 1998-11-08 18:51:58 +00:00
Todd C. Miller
ef4b731616 set $USER for root too 1998-11-05 02:21:35 +00:00
Todd C. Miller
22f741b38c kill perror("malloc") since we already have a good error messages 
pw_ent -> pw for brevity
set $USER if -u specified
 1998-11-04 01:40:45 +00:00
Todd C. Miller
7ffee3b997 getprpwuid is broken in HP-UX 10.20 at least (it sleeps for 2 minutes if the 
shadow files don't exist).
 1998-10-21 23:50:10 +00:00
Todd C. Miller
156c3b069c call initprivs() if we have it for getprpwuid later on 1998-10-19 18:31:31 +00:00
Todd C. Miller
5bfb481ca7 no more options.h 1998-10-15 05:41:26 +00:00
Todd C. Miller
a40aca2b10 kill sys/time.h 1998-10-15 05:32:30 +00:00
Todd C. Miller
9d6cd6f216 UMASK -> SUDO_UMASK. 1998-09-24 15:40:39 +00:00