isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,574 Commits 1 Branch 0 Tags
c6987aa26ea12569e65bc7ab18e702b06ab8d715
Commit Graph

7 Commits

Author SHA1 Message Date
Todd C. Miller
f0030cf30f Make struct {command,user}_details pointers const where possible. 2023-03-27 16:29:46 -06:00
Todd C. Miller
8db1eb0c8b Update the cwd for log_subcmds too. 
Fixes a problem for intercept_method=trace when running a relative
command from a different directory than what sudo ws started from.
GitHub issue #194
 2022-11-07 12:14:15 -07:00
Todd C. Miller
3cd9c5f5e6 Stop sending an InterceptResponse to a PolicyCheckRequest for log_subcmds. 
There's no real reason for the command to wait for sudo send back a
response that will always be a PolicyAcceptMessage.
 2022-06-30 13:35:07 -06:00
Todd C. Miller
040e75a07b Add test_ptrace program to test ptrace-based intercept support. 2022-05-11 20:07:55 -06:00
Todd C. Miller
35ea534b3e Move register definitions to exec_ptrace.h 2022-05-05 13:37:26 -06:00
Todd C. Miller
52cacfc302 For ptrace intercept mode, do not do a policy check for the initial command. 
We can skip the policy check for the execve(2) of the initial command
since it has already been check.  Otherwise, we would log the command
twice.  When using fexecve(2) due to a digest check, there should
be no need to skip the initial command since it will be executed
via execveat(2) not execve(2).  However, on older kernels without
execveat(2), glibc will emulate fexecve(2) using /proc which will
result in the extra log entry.
 2022-04-29 13:09:03 -06:00
Todd C. Miller
8e375445fb Check the policy for ptrace-based intercept mode. 2022-04-29 13:08:59 -06:00