isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,015 Commits 1 Branch 0 Tags
adfaebdb4d9c36a554dfa4aec221066e2e747723
Commit Graph

218 Commits

Author SHA1 Message Date
Todd C. Miller
8723291d89 CIDR-style netmask support 1999-08-24 16:42:28 +00:00
Todd C. Miller
275c2fc980 Run most of the code as root, not the invoking user. It doesn't really 
gain us anything to run as the user since an attacker can just have
an setuid(0) in their egg.  Running as root solves potential problems
wrt signalling.
 1999-08-20 20:37:16 +00:00
Todd C. Miller
0598093e2c sudoers_lookup() now returns a bitmap instead of an int. This makes it 
possible to express things like "failed to validate because user not listed
for this host".  Some thigns that were previously VALIDATE_FOO are now
FLAG_FOO.  This may change later on.

Reorganized code in log_auth() and sudo.c to deal with above changes.

Safer versions of push/pushcp with in the do { ... } while (0) style

parse.yacc now saves info on the stack to allow parse.c to determine
if a user was listed, but not for the host he/she tried to run on.

Added --with-mail-if-no-host option
 1999-08-19 16:30:09 +00:00
Todd C. Miller
145992dce2 o /etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow temp file 
o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and _PATH_SUDO_STMP -> _PATH_SUDOERS_TMP
 1999-08-06 09:37:03 +00:00
Todd C. Miller
6b3909c780 rename validate() to the more descriptive sudoers_lookup() 1999-08-01 15:42:12 +00:00
Todd C. Miller
0d732401f4 add 4th term to license similar to term 5 in the apache license 1999-07-31 16:19:50 +00:00
Todd C. Miller
c7fd99aa54 BSD-style copyright. Move parser-specific defines and structs into parse.h + other cosmetic changes 1999-07-22 12:51:18 +00:00
Todd C. Miller
26be17a3d6 Add contribution info in the main comment 1999-07-12 10:25:14 +00:00
Todd C. Miller
80287c981c Move interface-related defines to interfaces.h so we don't have to include 
<netinet/in.h> everywhere.
 1999-05-17 01:36:30 +00:00
Todd C. Miller
16fdb0a5c5 fix comment 1999-04-10 17:03:32 +00:00
Todd C. Miller
06e586ee7b Function names should be flush with the start of the line so they can be found trivially in an editor and with grep 1999-04-10 04:49:03 +00:00
Todd C. Miller
eecc5ce1c9 free(3) is already void, no need to cast it 1999-04-10 04:40:57 +00:00
Todd C. Miller
59b0cff8cf Stash the "safe" path (ie: the one listed in sudoers) to the command instead 
of stashing the struct stat.  Should be safer.
 1999-04-10 04:10:01 +00:00
Todd C. Miller
499e869237 Add VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a command 
but the NOPASSWD flag was set.
Make runasspec, runaslist, runasuser, and nopasswd typeless in parse.yacc
Add support for '!' in the runas list
Fix double printing of '%' and '+' for groups and netgroups respectively
Add *_matched macros (no need for local stack variable).  Should only be
used directly after a pop (since top must be >= 2).
 1999-04-06 05:00:29 +00:00
Todd C. Miller
e6deacb6c4 Crank version to 1.6 and combine copyright statements 1999-04-05 20:57:25 +00:00
Todd C. Miller
49c5a12d8c Fix another parser bug. For a sudoers entry like this: 
millert	ALL=/bin/ls,(daemon) !/bin/ls
sudo would not allow millert to run ls as root.
 1999-03-30 17:17:54 +00:00
Todd C. Miller
79c46d1c81 ++version 1999-03-29 04:05:15 +00:00
Todd C. Miller
382ef75493 Use emalloc/erealloc/estrdup 1999-03-29 02:59:34 +00:00
Todd C. Miller
52916f16ac add explicate copyright 1999-02-03 04:32:19 +00:00
Todd C. Miller
826fe213f2 add sudo tags 1999-01-17 23:16:20 +00:00
Todd C. Miller
d3aaf52283 crank version and regen files 1999-01-17 22:40:55 +00:00
Todd C. Miller
62dba8f4d1 more -Wall 1998-11-18 04:16:13 +00:00
Todd C. Miller
c253188f55 -Wall 1998-11-18 03:51:10 +00:00
Todd C. Miller
4f461199af kill perror("malloc") since we already have a good error messages 
pw_ent -> pw for brevity
when checking if %group matches, look up user in password file so
that %groups works in a RunAs spec.
 1998-11-04 01:39:40 +00:00
Todd C. Miller
5bfb481ca7 no more options.h 1998-10-15 05:41:26 +00:00
Todd C. Miller
581cfa1406 FAST_MATCH is no longer an optino 1998-10-15 03:57:14 +00:00
Todd C. Miller
0ef9f25d7e updated version 1998-09-17 16:27:15 +00:00
Todd C. Miller
a1c5148c34 use NAMLEN() macro 1998-09-07 02:41:33 +00:00
Todd C. Miller
12477fd6e6 updated version 1998-04-06 03:35:50 +00:00
Todd C. Miller
c27d678ff7 MAX* + 1 -> MAX* 1998-04-06 03:15:39 +00:00
Todd C. Miller
e37e1e56b6 updated version 1998-03-31 05:05:49 +00:00
Todd C. Miller
c866646cdf updated version 1998-02-18 21:39:31 +00:00
Todd C. Miller
2fc787d5f6 updated version 1998-02-17 02:43:17 +00:00
Todd C. Miller
bc7803cd08 updated version 1998-02-06 20:49:24 +00:00
Todd C. Miller
3e52d3a117 set sudoers_fp to nil after closing 1998-01-30 19:59:03 +00:00
Todd C. Miller
0c362fb216 updated version 1998-01-21 06:33:06 +00:00
Todd C. Miller
bb6a33e080 updated version 1998-01-21 05:50:58 +00:00
Todd C. Miller
cae4b9d3e3 sudoers file open is now done only in check_sudoers() so 
we just do a rewind() instead of an open.  May help people on
solaris who were getting EAGAIN.
 1998-01-21 05:02:59 +00:00
Todd C. Miller
6523933184 typo 1998-01-13 15:32:41 +00:00
Todd C. Miller
6a2b6895f4 fix that bug for real 1998-01-13 15:19:08 +00:00
Todd C. Miller
166789a1dd ++version 1998-01-13 04:48:42 +00:00
Todd C. Miller
ab9b352455 commands can start with ./* not just /* -- fixes a serious security hole. 1998-01-13 04:10:08 +00:00
Todd C. Miller
5e723efe75 ++version 1996-11-14 02:37:56 +00:00
Todd C. Miller
b0248f15df ++version 1996-10-07 05:07:09 +00:00
Todd C. Miller
6a230806a8 courtesan 1996-09-08 00:21:42 +00:00
Todd C. Miller
d189849b44 ++version 1996-08-30 00:37:04 +00:00
Todd C. Miller
35825133a7 ++version 1996-08-17 23:25:40 +00:00
Todd C. Miller
7d272a7ff0 now uses init_parser() 
if not in sudoers and tries "list" or "validate" scold but don't
be nasty.
 1996-08-17 22:30:48 +00:00
Todd C. Miller
8c35fa2ec6 fix comment 1996-08-15 19:46:04 +00:00
Todd C. Miller
4fb2f4ca9a added support for new `sudo -l' stuff 1996-08-09 22:07:51 +00:00