isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,691 Commits 1 Branch 0 Tags
69c627658f87dad300bd6e5fe3b265dc2bc147cc
Commit Graph

3691 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
9c14a99988 Add prototype for update_defaults() 2004-10-26 22:16:26 +00:00
Todd C. Miller
50e00d2b07 Don't warn about line numbers now that we operate on a set of data 
structures (or LDAP) and not a file.
 2004-10-26 22:16:08 +00:00
Todd C. Miller
ba12600db1 No long use lsearch() 2004-10-26 22:15:05 +00:00
Todd C. Miller
e777eb9ddb Update for new and changed file names. 2004-10-26 22:14:40 +00:00
Todd C. Miller
306734c6b3 no more BSD lsearch.c 2004-10-26 22:14:21 +00:00
Todd C. Miller
56e8b2fcf8 foo_matches() routines now live in match.c 
Added user_matches(), runas_matches(), host_matches(), cmnd_matches()
and alias_matches() that operate on the parsed sudoers file.
 2004-10-26 22:14:01 +00:00
Todd C. Miller
2d1e360e83 Move parse.lex -> toke.l 
Rename buffer_frob() -> switch_buffer()
WORD no longer needs to exclude '@'
kill yywrap()
 2004-10-26 22:12:47 +00:00
Todd C. Miller
5becc03851 Rewritten parser that converts sudoers into a set of data structures. 
This eliminates ordering issues and makes it possible to apply
sudoers Defaults entries before searching for the command.
 2004-10-26 22:10:55 +00:00
Todd C. Miller
6725bb2e53 We won't be using lsearch() any longer. 2004-10-26 22:09:22 +00:00
Todd C. Miller
f7d7a3d5f7 sudo should not send mail if someone who runs 'sudo -l' has no entry. 2004-10-26 22:07:03 +00:00
Todd C. Miller
8204723c87 regen 2004-10-26 20:09:14 +00:00
Todd C. Miller
ae0a788d98 Update warnings to match new visudo 2004-10-26 20:09:01 +00:00
Todd C. Miller
b7479ce1e2 The new parser doesn't have the old ordering constraints. 2004-10-26 20:08:47 +00:00
Todd C. Miller
92d0954bcc Document that -l now takes an optional username argument 2004-10-26 20:08:24 +00:00
Todd C. Miller
17bb4b138b AIX 5.2.0.0 works 2004-10-25 17:44:54 +00:00
Todd C. Miller
66992e10ef If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS instead. 
Fixes a compilation problem with Solaris 9's native LDAP.

Set FLAG_MONITOR when needed.
 2004-10-25 17:38:24 +00:00
Todd C. Miller
2c91a58149 Call sudo_goodpath() *after* changing the cwd to match the traced process. 
Fixes relative paths.
 2004-10-23 17:32:20 +00:00
Todd C. Miller
d9e4426cb1 Kill set_perms() stub--it is no longer needed. 2004-10-21 16:31:19 +00:00
Todd C. Miller
e455f848a9 stay_setuid now requires set_reuid() or setresuid() 2004-10-13 16:52:51 +00:00
Todd C. Miller
48cdd1dec3 Kill use of POSIX saved uids; they aren't worth bothering with. 2004-10-13 16:46:19 +00:00
Todd C. Miller
55e1b220e0 remove call to issetugid() 2004-10-07 20:23:06 +00:00
Todd C. Miller
d56b543a13 Remove warning about wildcards. Now that we use glob() the bug is fixed. 2004-10-07 18:57:41 +00:00
Todd C. Miller
1b06f3e81d Use glob(3) instead of fnmatch(3) for matching pathnames and stat each 
result that matches the basename of the user's command.  This makes
"cd /usr/bin ; sudo ./blah" work when sudoers allows /usr/bin/blah.
Fixes bug #143.
 2004-10-07 18:52:51 +00:00
Todd C. Miller
082b0f8b3b Define HAVE_EXTENDED_GLOB for extended glob (GLOB_TILDE and GLOB_BRACE) 2004-10-07 18:27:49 +00:00
Todd C. Miller
e05c8441e6 Check for a glob() that supports GLOB_BRACE and GLOB_TILDE 2004-10-07 16:59:54 +00:00
Todd C. Miller
b19c6c4e94 reference glob 2004-10-07 16:51:56 +00:00
Todd C. Miller
50ed391d18 4.4BSD glob(3) with fixes from OpenBSD and some unneeded extensions removed. 2004-10-07 16:50:34 +00:00
Todd C. Miller
1ef398856a 4.4BSD glob(3) with fixes from OpenBSD and some unneeded extensions removed. 2004-10-07 16:50:34 +00:00
Todd C. Miller
163994c116 Just return if STRIOCINJECT or STRIOCREPLACE fail. It probably means 
we are out of space in the stack gap...
 2004-10-05 21:26:38 +00:00
Todd C. Miller
a3367a7158 sync 2004-10-05 21:20:06 +00:00
Todd C. Miller
a7d63df1fb Take a stab at ldap sudoers support here. 2004-10-05 20:53:29 +00:00
Todd C. Miller
385dfb2696 Detach from tracee on SIGHUP, SIGINT and SIGTERM. Now "sudo reboot" 
doesn't cause reboot to inadvertanly kill itself.
 2004-10-05 19:13:56 +00:00
Todd C. Miller
6e2fb232a4 put "monitor" in the proctitle, not "systrace" 2004-10-05 18:21:26 +00:00
Todd C. Miller
f01c983f12 When modifying the environment, don't replace envp when we can get 
away with just rewriting pointers in the traced process.
 2004-10-05 18:15:35 +00:00
Todd C. Miller
dc368b59fb Add environment updating via STRIOCINJECT (if available). 2004-10-05 17:46:22 +00:00
Todd C. Miller
5c259f8b47 regen 2004-10-05 14:22:26 +00:00
Todd C. Miller
30f4a9c13c regen 2004-10-04 20:15:38 +00:00
Todd C. Miller
7e36fc441c Fix bug introduced in unput() removal; want yyless(0) not yyless(1) 2004-10-04 20:15:29 +00:00
Todd C. Miller
d7e43093ef Include file is now mon_systrace.h 2004-10-04 16:09:45 +00:00
Todd C. Miller
3c8145a923 No longer call it tracing, it is now "monitoring" which should be more 
a obvious name to non-hackers.
 2004-10-04 16:07:19 +00:00
Todd C. Miller
5eb4895b55 Fix some XXX 2004-10-01 19:06:44 +00:00
Todd C. Miller
e173a07c85 No need to include syscall.h, use 1024 as the max # of entries (the 
max that systrace(4) allows).

Only need to use SYSTR_POLICY_ASSIGN once

Change check_syscall() -> find_handler() and have it return the
handler instead of just running it.  We need this since handler now
have two parts: one part that generates and answer and another that
gets called after the answer is accepted (to do logging).

Add some missing check_exec for emul execv
 2004-10-01 18:30:20 +00:00
Todd C. Miller
ebf22ee977 Add $Sudo$ tags. 2004-10-01 14:58:15 +00:00
Todd C. Miller
0035b30f94 Add missing HAVE_LINUX_SYSTRACE_H 2004-10-01 14:47:14 +00:00
Todd C. Miller
d94975937e add trace_systrace.o dependency 2004-10-01 00:46:21 +00:00
Todd C. Miller
6f338fd773 Also look for systrace.h in /usr/include/linux 2004-09-30 23:00:25 +00:00
Todd C. Miller
7edec19902 Move all struct defs and prototypes into trace_systrace.h and mark all 
but systace_attach() static.
 2004-09-30 22:27:33 +00:00
Todd C. Miller
33badbaeaa Add support for tracing emulations. At the moment, all emulations are 
compiled in.  It might make sense to #ifdef them in the future, though
this impeeds readability.
 2004-09-30 22:14:34 +00:00
Todd C. Miller
2cfa16a770 rename systrace.c -> trace_systrace.c 2004-09-30 21:07:36 +00:00
Todd C. Miller
6fa20c570f Allow this to build with a K&R compiler again 2004-09-30 19:58:10 +00:00