isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,366 Commits 1 Branch 0 Tags
a79c3af48739c63191ebaa2c983ad69cfb3904d0
Commit Graph

3366 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
a79c3af487 Mention PREVENTING SHELL ESCAPES section of sudoers man page 2004-09-27 18:05:58 +00:00
Todd C. Miller
741177ad12 regen 2004-09-27 16:08:18 +00:00
Todd C. Miller
5691c513d3 Add support for #include in sudoers (visudo support TBD) 2004-09-27 16:03:15 +00:00
Todd C. Miller
7f73581592 make yyerror()'s argument const 2004-09-27 16:02:50 +00:00
Todd C. Miller
ec0ef3fcf7 Add open_sudoers() stubs. 2004-09-27 16:02:10 +00:00
Todd C. Miller
7cf26298a2 Rename check_sudoers() open_sudoers() and make it return a FILE * 2004-09-27 16:01:54 +00:00
Todd C. Miller
22ad3cbc96 Crank version 2004-09-26 16:35:58 +00:00
Todd C. Miller
8b8ff2e455 Better HP-UX depot construction 2004-09-26 16:33:31 +00:00
Todd C. Miller
e4d64ce1d0 o Made children global so check_exec() can lookup a child. 
o Replaced uid in struct childinfo with struct passwd * (for runas)
o new_child() now takes a parent pid so the runas info can be inherited
o Added find_child() to lookup a child by its pid
o update_child() now fills in a struct passwd
o Converted the big if/else mess in set_policy to a switch
o Syscalls that change uid are now "ask" so we get SYSTR_MSG_UGID events
 2004-09-25 21:08:48 +00:00
Todd C. Miller
ea5307a433 Add flag to sudo_pwdup that indicates whether or not to lookup the 
shadow password.  Will be used to a struct passwd that has the
shadow password already filled in.
 2004-09-25 21:01:46 +00:00
Todd C. Miller
28736eb556 add missing increment of addr in read_string() 2004-09-25 20:58:11 +00:00
Todd C. Miller
649e2dac12 Remove bogus call to update_child() and some cosmetic fixes 2004-09-25 20:15:44 +00:00
Todd C. Miller
4e5c53e139 Don't leak /dev/systrace fd to tracee 
Make initialized global for simplicity
If STRIOCATTACH returns EBUSY we are already being traced
Check for user_args == NULL in setproctitle() call
Add missing calls to STRIOCANSWER
 2004-09-25 20:11:39 +00:00
Todd C. Miller
d4e3f175c8 g/c sudo_pwdup proto 2004-09-25 17:15:06 +00:00
Todd C. Miller
007aff2b63 Add target for building a depot file 2004-09-25 00:21:04 +00:00
Todd C. Miller
1131db0699 trim includes 2004-09-25 00:07:26 +00:00
Todd C. Miller
2bb8472982 regen 2004-09-24 18:11:19 +00:00
Todd C. Miller
78ac046db5 document --with-systrace 2004-09-24 18:10:32 +00:00
Todd C. Miller
35203ffe56 Add check for setproctitle 2004-09-24 18:10:27 +00:00
Todd C. Miller
11edf288bd pass struct str_msg_ask in to syscall checker so it can set the error code 2004-09-24 18:09:47 +00:00
Todd C. Miller
d492138ff0 systrace(4) support for sudo. On systems with the systrace(4) kernel 
facility (OpenBSD, NetBSD, Linux w/ patches) sudo can intercept exec
calls and check the exec args against the sudoers file.
In other words, sudo can now control subcommands and shell escapes.
 2004-09-24 17:30:23 +00:00
Todd C. Miller
aa8d212e3c Call systrace_attach() if FLAG_TRACE is set. 2004-09-24 17:17:29 +00:00
Todd C. Miller
e3391d597b Add trace Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE 2004-09-24 17:15:51 +00:00
Todd C. Miller
0c2be08089 Don't close sudoers_fp, keep it open and set close on exec flag instead. 2004-09-24 17:13:24 +00:00
Todd C. Miller
ef874440a5 Add trace option 2004-09-24 17:11:14 +00:00
Todd C. Miller
84a3d101e8 Add systrace 2004-09-24 00:24:09 +00:00
Todd C. Miller
7db351d7ab SunOS /bin/sh blows up with configure 2004-09-24 00:23:51 +00:00
Todd C. Miller
ce559899e2 Include sys/param.h before systrace.h 2004-09-24 00:23:28 +00:00
Todd C. Miller
ec57f115f8 regen 2004-09-24 00:15:19 +00:00
Todd C. Miller
5431e1451c _PATH_DEV_SYSTRACE 2004-09-24 00:15:13 +00:00
Todd C. Miller
35b33cc1bc line up options in --help 2004-09-24 00:14:44 +00:00
Todd C. Miller
2af113f24e Add --with-systrace 2004-09-24 00:11:31 +00:00
Todd C. Miller
fdaaeda58e regen 2004-09-23 17:35:55 +00:00
Todd C. Miller
2306b4eb51 make this work with autoconf-2.59 2004-09-23 17:35:40 +00:00
Todd C. Miller
5ac82331be Simplify logic around open & stat of files and do sanity on edited 
file even if we lack fstat (still racable but worth doing).
 2004-09-16 16:58:03 +00:00
Todd C. Miller
4bf59231e5 Add support url 2004-09-15 22:47:48 +00:00
Todd C. Miller
075af35f95 versino 1.6.8p1 2004-09-15 20:11:22 +00:00
Todd C. Miller
98e8b1a150 more changes for 1.6.8p1 2004-09-15 19:20:24 +00:00
Todd C. Miller
55be146f08 1.6.8p1 2004-09-15 19:18:38 +00:00
Todd C. Miller
12c78c0f6d Add sanity check so we don't try to edit something other than a regular file. 2004-09-15 16:16:20 +00:00
Aaron Spangler
bbfe3c0a66 sync 2004-09-15 00:55:00 +00:00
Aaron Spangler
beb6773572 document --with-ldap-conf-file 2004-09-15 00:21:59 +00:00
Todd C. Miller
ec404a074a political correctness strikes again 2004-09-14 21:43:31 +00:00
Todd C. Miller
e3161b7a9c sync 2004-09-14 19:09:00 +00:00
Todd C. Miller
13a265e0ed Install sudoedit man link 2004-09-12 23:50:35 +00:00
Todd C. Miller
e4dcb79194 Update PAM note and mention where HP-UX users can download gcc binaries. 2004-09-12 18:25:54 +00:00
Todd C. Miller
4aa5447ab9 libtool wants to install stuff from .libs so fake one up for binary 
installations.
 2004-09-12 16:08:25 +00:00
Todd C. Miller
3dcceccfcb rm -f old sudoedit link instead of using ln -f 
set LIBTOOL correctly
 2004-09-12 15:53:28 +00:00
Todd C. Miller
75866326a2 Deal with "uname -m" having slashes in it 
rm -f old sudoedit link instead of using ln -f
 2004-09-12 15:53:03 +00:00
Todd C. Miller
5f8b2d6464 Makefile.binary -> Makefile.binary.in for config.status substitution 
Add support for installing noexec bits
 2004-09-12 14:22:36 +00:00