isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,669 Commits 1 Branch 0 Tags
ac4aa811537bde9caa70e8c544952ece2e84350e
Commit Graph

2669 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
a6b005f256 Fix a pasto in flock-style unlocking and include <sys/file.h> for flock 
on older systems; twetzel@gwdg.de
 2001-04-04 17:17:04 +00:00
Todd C. Miller
6fcf09f562 regen to get NeXT lockf/flock fix 2001-04-04 17:14:52 +00:00
Todd C. Miller
a788475e5d force NeXT to use flock since lockf is broken 2001-04-04 17:14:13 +00:00
Todd C. Miller
4f69069533 Use stashed user_gid when checking against exempt gid since sudo 
sets its gid to a a value that makes sudoers readable.  Previously
if you used gid 0 as the exempt group everyone would be exempt.
From Paul Kranenburg <pk@cs.few.eur.nl>
 2001-03-30 13:54:27 +00:00
Todd C. Miller
4f1ff9a1ea regen 2001-03-29 18:14:55 +00:00
Todd C. Miller
e2282d3e42 #include stdio.h in SUDO_CHECK_TYPE since IRIX 6 aparently defines some 
types (such as ssize_t) therein.
 2001-03-29 18:08:56 +00:00
Todd C. Miller
a64a6abd33 Fix negation of paths in a boolean context. Problem found by apt@UH.EDU 2001-03-02 14:09:55 +00:00
Todd C. Miller
132f59534d pasto 2001-02-23 18:03:46 +00:00
Todd C. Miller
394ececcb8 SA_RESETHAND means the opposite of what I was thinking--oops 
To block all signals in old-style signals use ~0, not 0xffffffff
 2001-02-17 21:11:41 +00:00
Todd C. Miller
422021aebd coerce difference of pointers to int when used in a string length printf 
format; deraadt@openbsd.org
 2001-02-04 16:16:20 +00:00
Todd C. Miller
af80178b85 Block all signals in Exit() to avoid a signal race. There is still a 
tiny window but I'm not going to worry about it.
 2001-01-17 16:34:36 +00:00
Todd C. Miller
aeb8cefc42 glibc uses the LANGUAGE env var so clear that too; Solar Designer 2001-01-07 18:57:23 +00:00
Todd C. Miller
f0a75258b9 Regenerate with a fix to flex.skl that preserves errno from clobbering 
by isatty().
 2001-01-07 18:55:32 +00:00
Todd C. Miller
16e6a3b84a Some defaults I_ defines got renamed. 2000-12-31 01:39:06 +00:00
Todd C. Miller
d956d77528 Move defaults info into its own files from which we generate 
.h and .c files.  This makes adding or rearranging variables
much simpler.
 2000-12-31 01:38:37 +00:00
Todd C. Miller
4ca4d65152 fix typo in last commit 2000-12-30 21:58:11 +00:00
Todd C. Miller
5481e22892 Add check + emulation for setegid (like seteuid). 2000-12-30 21:55:21 +00:00
Todd C. Miller
1875e47474 Make env_keep override badenv_table as documented 
Fix traversal of badenv_table (broken in last commit)
 2000-12-30 21:22:08 +00:00
Todd C. Miller
572b4cf39a Don't try and build saved uid version of set_perms on systems w/o them. 
Rename set_perms_saved_uid() -> set_perms_posix()
Make set_perms_setreuid simply be set_perms_fallback() and simply include
  the appropriate function at compile time (setreuid() vs. setuid()).
 2000-12-30 03:59:40 +00:00
Todd C. Miller
9318379d83 PATH is also preserved when env_reset is in effect 2000-12-30 03:45:31 +00:00
Todd C. Miller
998631b73a New Defaults options: 
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
 o env_reset - reset the environment to a sane default
 o env_keep - preserve environment variables that would otherwise be cleared

No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
 2000-12-30 03:29:47 +00:00
Todd C. Miller
f88c0c930b Clear up --without-passwd description 2000-12-30 03:17:58 +00:00
Todd C. Miller
679fee0f5a We now build up a new environment from scratch and assign it to "environ". 2000-12-30 00:39:36 +00:00
Todd C. Miller
211d8c7de0 Grammatical fixes from Paul Janzen 2000-12-19 03:35:07 +00:00
Todd C. Miller
6448c3523e If there was a syntax error and the user just wants to quit, unlink 
sudoers if it is zero length.
 2000-12-15 04:19:24 +00:00
Todd C. Miller
f14cf7973d 'Q' means ignore parse error, not 'q' 2000-12-15 04:10:54 +00:00
Todd C. Miller
02559d3447 Open sudoers for writing with mode SUDOERS_MODE 
From Dimitry Andric <dim@xs4all.nl>
 2000-12-15 03:57:53 +00:00
Todd C. Miller
744917ed67 Add missing #ifdef HAVE_LOGIN_CAP_H; ayamura@ayamura.org 2000-12-13 17:23:07 +00:00
Todd C. Miller
21cdac6b02 Darwin / Mac OS X support from Wilfredo Sanchez <wsanchez@apple.com> 2000-12-09 16:46:19 +00:00
Todd C. Miller
7ce284a132 Use exit(127), not exit(-1) 2000-11-03 14:36:32 +00:00
Todd C. Miller
7ea65e54bd Move set_perms() to its own file and use POSIX saved uid or setreuid() 
if available.

Added stay_setuid option for systems that have libraries that perform
extra paranoia checks in system libraries for setuid programs (ie:
anything with issetugid(2)).
 2000-11-03 05:37:44 +00:00
Todd C. Miller
70f16a284d strip more bits from the environment and add a facility for stripping 
things only if they contain '/' or '%' to address printf format string
vulnerabilities in other programs.
 2000-11-03 01:28:54 +00:00
Todd C. Miller
c3233194c1 regen 2000-11-02 17:55:13 +00:00
Todd C. Miller
8eb4848586 For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache the existence 
of strcasecmp().
 2000-11-02 17:55:06 +00:00
Todd C. Miller
9ea228b399 regen 2000-11-02 17:46:39 +00:00
Todd C. Miller
7e7efac423 Check for strcasecmp(3) in -lc89 for NCR Unix 2000-11-02 17:46:29 +00:00
Todd C. Miller
43905f4d7b Define HAVE_INNETGR #ifdef HAVE__INNETGR 2000-11-01 15:22:08 +00:00
Todd C. Miller
ff9bbf0bde regen 2000-11-01 15:17:36 +00:00
Todd C. Miller
4fdb825a09 Add check for _innetgr(3) since NCR systems have that instead of 
innetgr(3).
 2000-11-01 15:17:25 +00:00
Todd C. Miller
92f5fad805 check return value of creadcfg() 
call sd_close() after sd_auth()
store username in sd->username so we don't rely on the USER env variable
 2000-10-31 19:16:52 +00:00
Todd C. Miller
7e49858217 document --with-bsdauth 2000-10-30 04:00:29 +00:00
Todd C. Miller
60c1253c8c regen 2000-10-30 03:57:04 +00:00
Todd C. Miller
e9d00a88b1 --with-bsdauth assumes --with-logincap 2000-10-30 03:56:54 +00:00
Todd C. Miller
2ec9c6a45d When prompting for a response to a challenge, if the user just hits return 
then reprompt with echo turned on.
 2000-10-30 03:45:11 +00:00
Todd C. Miller
f31d6ce259 Remove debugging code that should not have been committed, oops. 2000-10-29 22:31:42 +00:00
Todd C. Miller
84baa91273 Use lower-level routines and get the password ourselves. 
Checks for a challenge and if there is one echo is not turned off.
 2000-10-29 22:31:13 +00:00
Todd C. Miller
7a93a4aa75 minor housekeeping, no real code changes 2000-10-29 22:30:22 +00:00
Todd C. Miller
e23d30b913 Fix a coredump in the logging functions if gethostname(2) fails 
by deferring the call to log_error() until things are better setup.

Fix return value of set_loginclass() in non-BSD-auth case.

Hard-code 'sudo' in the usage message so we can fit more options on a line
 2000-10-27 22:41:48 +00:00
Todd C. Miller
2ad0d64a1a Fix errant ';' (typo) that broken MSG_ONLY 2000-10-27 22:35:42 +00:00
Todd C. Miller
dea1ce4d3e regen 2000-10-26 17:03:55 +00:00