isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,698 Commits 1 Branch 0 Tags
6ac7edb6e34c4902c62726c13b36fb2b902ee7ed
Commit Graph

3698 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
6ac7edb6e3 Add mkstemp() for those poor souls without it. 2005-11-17 01:36:47 +00:00
Todd C. Miller
7a8ed8e07a Add mkstemp() for those poor souls without it. 2005-11-17 01:36:47 +00:00
Todd C. Miller
be9d490e1a Add PERL5DB to list of environment variables to remove. 2005-11-15 14:25:03 +00:00
Todd C. Miller
3553eee07e Instead of calling the check function twice with a state cookie use 
separate check/log functions.

Check more ioctl() calls for failure.

systrace_{read,write} now return the number of bytes read/written
or -1 on error.
 2005-11-13 20:49:35 +00:00
Todd C. Miller
b9f34a5a3f Add more environment variables to remove; from gentoo linux 
Add some comments about what bad env variables go to what (more to do)
 2005-11-13 19:51:43 +00:00
Todd C. Miller
b2a32d13c0 Move sudo_end{gr,pw}ent() until just before the exec since they 
free up our cached copy of the passwd structs, including sudo_user
and sudo_runas.  Fixes a use-after-free bug.
 2005-11-11 22:23:08 +00:00
Todd C. Miller
0b3b32ab9a Close all fd's before executing editor. 2005-11-11 22:19:53 +00:00
Todd C. Miller
69c627658f Enable malloc debugging on OpenBSD when SUDO_DEVEL is set. 2005-11-11 22:17:59 +00:00
Todd C. Miller
50004e00b8 Fix fd leak when lecture file option is enabled. From Jerry Brown 2005-11-11 16:22:58 +00:00
Todd C. Miller
3c6d0cc871 Add PERLLIB, PERL5LIB and PERL5OPT to the default list of environment 
variables to remove.  From Charles Morris
 2005-11-07 16:02:22 +00:00
Todd C. Miller
ce8f2b10e4 add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5 2005-11-01 18:24:47 +00:00
Todd C. Miller
096a289d94 add PS4 and SHELLOPTS to initial_badenv_table for bash 2005-10-28 00:35:33 +00:00
Todd C. Miller
2c3be532a0 Fix typo; Toby Peterson 2005-08-15 00:32:08 +00:00
Todd C. Miller
f758302279 Make return buffers static so they don't get clobbered 2005-08-02 13:57:55 +00:00
Todd C. Miller
26523a7ce6 Fix securid5 authentication, was not checking for ACM_OK. Also add 
default cases for the two switch()es.  Problem noted by ccon at worldbank
 2005-07-28 01:14:14 +00:00
Todd C. Miller
4e86b1d74a Remove ncat() in favor of just counting bytes and pre-allocating what is 
needed.
 2005-06-27 00:10:06 +00:00
Todd C. Miller
73730b872b Fix up some comments 
Add missing fclose() for the rootbinddn case
 2005-06-26 23:44:30 +00:00
Todd C. Miller
380d3c8c7b align struct ldap_config 2005-06-26 23:38:44 +00:00
Todd C. Miller
76f3c652d6 use LINE_MAX for max conf file line size 2005-06-26 23:37:54 +00:00
Todd C. Miller
e0ac56ae6f add _PATH_LDAP_SECRET 2005-06-26 22:36:51 +00:00
Todd C. Miller
69be475791 Mention rootbinddn 
Give example ou=SUDOers container
 2005-06-26 22:36:09 +00:00
Todd C. Miller
3b30d7514a Support rootbinddn in ldap.conf 2005-06-25 22:03:10 +00:00
Todd C. Miller
8f90cfbd89 Preserve DISPLAY environment variable by default. 2005-06-25 21:46:16 +00:00
Todd C. Miller
485fa9b662 set need_lib_prefix=no for all cases; this is safe for LD_PRELOAD 2005-06-25 20:39:56 +00:00
Todd C. Miller
c09bfd6380 set need_version=no for all cases; this is safe for LD_PRELOAD 2005-06-25 20:15:55 +00:00
Todd C. Miller
c8f360fd5f typo 2005-06-25 18:45:09 +00:00
Todd C. Miller
1ddff11130 Add dragonfly 2005-06-25 18:33:01 +00:00
Todd C. Miller
d281ff77e2 Fix call to pam_end() when pam_open_session() fails. 2005-06-25 18:29:17 +00:00
Todd C. Miller
94ab741824 regen 2005-06-25 18:21:09 +00:00
Todd C. Miller
a2c0309301 rebuild acsite.m4 from libtool 1.9f libtool.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 2005-06-25 18:20:43 +00:00
Todd C. Miller
f8b3770bee merge in local changes: 
config.guess:
 o better openbsd support
config.sub:
 o hiuxmpp support
ltmain.sh
 o remove requirement that libs must begin with "lib"
 o don't print a bunch of crap about library installs
 o don't run ldconfig
 2005-06-25 18:08:10 +00:00
Todd C. Miller
37d8f4ee91 libtool 1.9f 2005-06-25 18:05:44 +00:00
Todd C. Miller
95b9648ba8 Update with autoupdate and make minor changes for libtool 1.9f 2005-06-25 18:04:30 +00:00
Todd C. Miller
98931e0f8f don't call sudo_ldap_display_cmnd if ldap not setup 2005-06-23 03:19:00 +00:00
Todd C. Miller
2566e6b7d8 Move declatation of struct timespec to its own include files for 
systems without it since it needs time_t defined.
 2005-06-23 03:04:35 +00:00
Todd C. Miller
46230280c8 Move declatation of struct timespec to its own include files for 
systems without it since it needs time_t defined.
 2005-06-23 03:04:35 +00:00
Todd C. Miller
6cbaca026f Move declatation of struct timespec to its own include files for 
systems without it since it needs time_t defined.
 2005-06-23 03:04:35 +00:00
Todd C. Miller
ad5c04c904 Move declatation of struct timespec to its own include files for 
systems without it since it needs time_t defined.
 2005-06-23 03:04:35 +00:00
Todd C. Miller
3bb5c181b0 Move declatation of struct timespec to its own include files for 
systems without it since it needs time_t defined.
 2005-06-23 03:04:35 +00:00
Todd C. Miller
9800e99ffc Don't set safe_cmnd for the "sudo ALL" case. 2005-06-23 02:57:18 +00:00
Todd C. Miller
d3b45ae3f1 Call pam_open_session() and pam_close_session() to give pam_limits a 
chance to run.  Idea from Karel Zak.
 2005-05-27 05:59:02 +00:00
Todd C. Miller
c7ea24f2cc Add explicit cast from mode_t -> u_int in printf to silence warnings on Solaris 2005-04-24 23:24:58 +00:00
Todd C. Miller
7ce5994d6c include grp.h to silence a warning on Solaris 2005-04-24 23:22:19 +00:00
Todd C. Miller
f1a0953085 Fix printing of += and -= defaults. 2005-04-23 19:10:16 +00:00
Todd C. Miller
56d72a3b81 Sanity check number of syscall args with argsize. Not really needed 
but a little paranoia never hurts.
 2005-04-17 05:21:24 +00:00
Todd C. Miller
95c47e7f3b Don't do pointer arithmetic on void * 
Use int, not size_t/ssize_t for systrace lengths (since it uses int)
 2005-04-17 05:18:24 +00:00
Todd C. Miller
fe9b653085 Add some memsets for paranoia 
Fix namespace collsion w/ error
Check rval of decode_args() and update_env()
Remove improper setting of validated variable
 2005-04-16 07:14:34 +00:00
Todd C. Miller
f261a99f22 In -l mode, only check local sudoers file if def_ignore_sudoers is not set 
and call LDAP versions from display_privs() and display_cmnd() instead
of directly from main().  Because of this we need to defer closing
the ldap connection until after -l processing has ocurred and we
must pass in the ldap pointer to display_privs() and display_cmnd().
 2005-04-12 01:37:08 +00:00
Todd C. Miller
fe4f33ab94 Reorganize LDAP code to better match normal sudoers parsing. Instead 
of storing strings for later printing in -l mode we do another query
since the authenticating user and the user being listed may not be
the same (the new -U flag).  Also add support for "sudo -l command".

There is still a fair bit if duplicated code that can probably
be refactored.
 2005-04-12 01:33:23 +00:00
Todd C. Miller
b8cbf50a38 Replace pass variable with do_netgr for better readability. 2005-04-11 04:37:49 +00:00