isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,609 Commits 1 Branch 0 Tags
8fbdbde2f5845b157eb84722d21d5acefbdac2f6
Commit Graph

115 Commits

Author SHA1 Message Date
Todd C. Miller
304dc46d7f Add efree() for consistency with emalloc() et al. Allows us to rely 
on C89 behavior (free(NULL) is valid) even on K&R.
 2005-03-29 14:29:47 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional 
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
 2004-11-15 15:53:53 +00:00
Todd C. Miller
a768dbc34f Bring back the "secure_path" Defaults option now that Defaults take 
effect before the path is searched.
 2004-11-12 16:19:19 +00:00
Todd C. Miller
f30ab72c44 Add cmnd_base to struct sudo_user and set it in init_vars(). 
Add cmnd_stat to struct sudo_user and set it in sudo_goodpath().
No longer use gross statics in command_matches().
Also rename some variables for improved clarity.
 2004-08-24 18:01:14 +00:00
Todd C. Miller
1273bf2573 update (c) year 2004-06-07 00:02:56 +00:00
Todd C. Miller
7ed41967ab Remove trailing spaces, no actual code changes. 2004-06-06 23:58:10 +00:00
Todd C. Miller
d33ad95208 Use PATH_MAX, not MAXPATHLEN since the former is standardized. 2004-06-01 01:22:27 +00:00
Todd C. Miller
b8ae391a93 More to a less restrictive, ISC-style license. 2004-02-13 21:36:43 +00:00
Todd C. Miller
6ad252765b Create def_* macros for each defaults value so we no longer need 
the def_{flag,ival,str,list,mode} macros (which have been removed).
This is a step toward more flexible data types in def_data.in.
 2003-12-30 22:20:21 +00:00
Todd C. Miller
505b424a56 add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
dcf1a5acce Use warn/err and getprogname() throughout. The main exception is 
openlog().  Since the admin may be filtering logs based on the
program name in the log files, hard code this to "sudo".
 2003-04-02 18:25:30 +00:00
Todd C. Miller
48229cbac6 update copyright year 2003-03-15 20:31:02 +00:00
Todd C. Miller
eebc763bd3 Use strlc{at,py} for paranoia's sake and exit on overflow. In all 
cases the strings were either pre-allocated to the correct size of
length checks were done before the copy but a little paranoia can
go a long way.
 2003-03-13 20:00:45 +00:00
Todd C. Miller
46dd419cd9 o Reorder some headers and use STDC_HEADERS define properly 
o Update copyright year
 2001-12-14 19:52:47 +00:00
Todd C. Miller
2e677e1023 Remove "secure_path" Defaults option since it cannot work with the 
existing parser.
 2001-12-14 06:40:03 +00:00
Todd C. Miller
f590093e46 Unset "secure_path" if user_is_exempt() 2001-12-14 06:26:55 +00:00
Todd C. Miller
998631b73a New Defaults options: 
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
 o env_reset - reset the environment to a sane default
 o env_keep - preserve environment variables that would otherwise be cleared

No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
 2000-12-30 03:29:47 +00:00
Todd C. Miller
bffb27280b Don't apply SECURE_PATH if user is example; jmknoble@pobox.com 2000-01-27 04:31:58 +00:00
Todd C. Miller
7769bf6a32 o Change defaults stuff to put the value right in the struct. 
o Implement mailer_flags
o Store syslog stuff both in int and string form.  Setting the string
  form magically updates the int version.
o Add boolean attribute to strings where it makes sense to say !foo
 1999-10-07 21:21:08 +00:00
Todd C. Miller
13bf42675d Add support for "Defaults" line in sudoers to make configuration variables 
changable at runtime (and on a global, per-host and per-user basis).
Both the names and the internal representation are still subject to change.
It was necessary to make sudo_user.runas but a char ** instead of a
char * since this value can be changed by a Defaults line.  There is a
similar (but more complicated) issue with sudo_user.prompt but it
is handled differently at the moment.

Add a "-L" flag to list the name of options with their descriptions.  This
may only be temporary.

Move some prototypes to parse.h

Be much less restrictive on what is allowed for a username.
 1999-09-08 08:06:28 +00:00
Todd C. Miller
275c2fc980 Run most of the code as root, not the invoking user. It doesn't really 
gain us anything to run as the user since an attacker can just have
an setuid(0) in their egg.  Running as root solves potential problems
wrt signalling.
 1999-08-20 20:37:16 +00:00
Todd C. Miller
ca8eb6f2aa add 4th term to license similar to term 5 in the apache license 1999-07-31 16:19:45 +00:00
Todd C. Miller
692fe8cdb3 BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00
Todd C. Miller
80287c981c Move interface-related defines to interfaces.h so we don't have to include 
<netinet/in.h> everywhere.
 1999-05-17 01:36:30 +00:00
Todd C. Miller
06e586ee7b Function names should be flush with the start of the line so they can be found trivially in an editor and with grep 1999-04-10 04:49:03 +00:00
Todd C. Miller
eecc5ce1c9 free(3) is already void, no need to cast it 1999-04-10 04:40:57 +00:00
Todd C. Miller
e6deacb6c4 Crank version to 1.6 and combine copyright statements 1999-04-05 20:57:25 +00:00
Todd C. Miller
79c46d1c81 ++version 1999-03-29 04:05:15 +00:00
Todd C. Miller
382ef75493 Use emalloc/erealloc/estrdup 1999-03-29 02:59:34 +00:00
Todd C. Miller
52916f16ac add explicate copyright 1999-02-03 04:32:19 +00:00
Todd C. Miller
826fe213f2 add sudo tags 1999-01-17 23:16:20 +00:00
Todd C. Miller
d3aaf52283 crank version and regen files 1999-01-17 22:40:55 +00:00
Todd C. Miller
62dba8f4d1 more -Wall 1998-11-18 04:16:13 +00:00
Todd C. Miller
c253188f55 -Wall 1998-11-18 03:51:10 +00:00
Todd C. Miller
4c4e1d376e return NOT_FOUND if given fully qualified path and it does not exist 
previously it would perror(ENOENT) which bypasses the option to not
leak path info
 1998-11-14 00:21:40 +00:00
Todd C. Miller
0900eabf3b go back to printing "command not found" unless --disable-path-info 
specified.  Also, tell user when we ignore '.' in their path and
it would have been used but for --with-ignore-dot.
 1998-11-08 20:56:52 +00:00
Todd C. Miller
5bfb481ca7 no more options.h 1998-10-15 05:41:26 +00:00
Todd C. Miller
0ef9f25d7e updated version 1998-09-17 16:27:15 +00:00
Todd C. Miller
12477fd6e6 updated version 1998-04-06 03:35:50 +00:00
Todd C. Miller
c27d678ff7 MAX* + 1 -> MAX* 1998-04-06 03:15:39 +00:00
Todd C. Miller
e37e1e56b6 updated version 1998-03-31 05:05:49 +00:00
Todd C. Miller
c866646cdf updated version 1998-02-18 21:39:31 +00:00
Todd C. Miller
2fc787d5f6 updated version 1998-02-17 02:43:17 +00:00
Todd C. Miller
bc7803cd08 updated version 1998-02-06 20:49:24 +00:00
Todd C. Miller
0c362fb216 updated version 1998-01-21 06:33:06 +00:00
Todd C. Miller
bb6a33e080 updated version 1998-01-21 05:50:58 +00:00
Todd C. Miller
166789a1dd ++version 1998-01-13 04:48:42 +00:00