Todd C. Miller
578be4f39c
Use SUDOERS_DEBUG_UTIL not SUDO_DEBUG_UTIL in the plugin.
2016-01-22 11:22:58 -07:00
Todd C. Miller
5016fa23df
When parsing debug entries, don't make a lower value override a
higher one. For example, for "pcomm@debug,all@warn" the "all@warn"
should not set pcomm to "warn" when it is already at "debug".
2016-01-21 07:43:25 -07:00
Todd C. Miller
7ed519125e
Set sudoedit_checkdir=false in command_details when it is disabled
in sudoers.
2016-01-20 15:51:43 -07:00
Todd C. Miller
f4e5b135bb
Update copyright year
2016-01-20 15:40:51 -07:00
Todd C. Miller
726b4dc968
If the user runs "sudoedit /" we will receive ENOENT from openat(2)
and sudoedit will try to create a file with the null string. If
path is empty, open the cwd instead so sudoedit can give a sensible
error message.
2016-01-20 15:36:20 -07:00
Todd C. Miller
399ec8b2b0
Log an error for invalid boolean strings.
2016-01-20 15:34:00 -07:00
Todd C. Miller
5bae35c05c
Fix off by one error in new SET_FLAG macro.
2016-01-20 15:09:32 -07:00
Todd C. Miller
ec37504dfb
Document the race with sudoedit_checkdir in 1.8.15.
2016-01-20 11:00:05 -07:00
Todd C. Miller
42671f6b95
Document sudoedit_checkdir
2016-01-20 10:56:47 -07:00
Todd C. Miller
5e300f1e4c
There are no systems that support O_SEARCH/O_PATH that do not also
support O_DIRECTORY so simplify the definition of DIR_OPEN_FLAGS a
bit.
2016-01-19 19:50:27 -07:00
Todd C. Miller
5dae4d3f35
regen
2016-01-19 15:23:07 -07:00
Todd C. Miller
647bfa4a9d
Add 1.8.16 changes
2016-01-19 15:21:15 -07:00
Todd C. Miller
de0208a01b
Make sudoedit_checkdir the default and update the documentation accordingly.
2016-01-19 14:16:25 -07:00
Todd C. Miller
e719d954e7
Add a SET_FLAG macro to simplify parsing command details boolean
flags. Previously, flags were only set and never cleared even if
the boolean value was false. This was not a problem as there were
no default flags for the plugin to enable. That will change in the
future.
2016-01-19 10:32:33 -07:00
Todd C. Miller
4b96e94f37
Need to be root when switching to a different user.
2016-01-18 13:12:50 -07:00
Todd C. Miller
9f481f128d
Use O_SEARCH on systems without O_PATH if present. It can be used
for a similar purpose.
2016-01-18 12:38:41 -07:00
Todd C. Miller
c1b1481204
Use faccessat(2) for directory writability instead of doing the
checks manually where possible. This also allows us to remove the
#ifdef __linux__ bits since we no longer use fstat(2) on Linux with
an O_PATH fd.
2016-01-18 10:45:47 -07:00
Todd C. Miller
7f8a29dfc0
Add "I/O LOG FILES" section to the manual and move many of the
details from the log_input and log_output descriptions to it.
2016-01-16 16:47:42 -07:00
Todd C. Miller
ad8c96403d
Use "Nm sudoers" when talking about the plugin and "Em sudoers" when
talking about the sudoers file.
2016-01-16 16:46:17 -07:00
Todd C. Miller
12a8becd70
Remove gzopen_w which is only defined on Windows.
2016-01-13 13:40:19 -07:00
Todd C. Miller
4bcef637f8
Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using
pread64() on that platform.
2016-01-13 11:10:33 -07:00
Todd C. Miller
5a77989a33
Add support for matching the entire netgroup tuple (user, host, domain).
2016-01-12 14:59:44 -07:00
Todd C. Miller
9d7bc0311f
Use asprintf() to generate the netgroup filter instead of using
lots of concatenation.
2016-01-12 14:29:09 -07:00
Todd C. Miller
f97eba71f0
Add missing sudo_debug_exit_ssize_t_v1 symbol.
2016-01-12 14:28:58 -07:00
Todd C. Miller
55fdf66c1d
In sudo_netgroup_lookup() only build up the search filter once
instead of once per netgroup_base.
2016-01-11 16:35:05 -07:00
Todd C. Miller
7c454656d5
It is safe to pass ldap_msgfree() a NULL pointer.
2016-01-11 16:24:22 -07:00
Todd C. Miller
ae5a2f4072
On overflow, warn before freeing anything.
2016-01-11 16:23:19 -07:00
Todd C. Miller
0f991ff78b
Use user_runhost and user_srunhost instead of user_host and user_shost.
Fixes "sudo -l -h other_host" for LDAP and sssd.
2016-01-11 15:54:02 -07:00
Todd C. Miller
089b468de7
Silence warning in digest_matches() on systems with no fexecve(2).
2016-01-11 16:55:52 -07:00
Todd C. Miller
9308d05e7e
Fix free() of invalid pointer introduced in the commit that stripped
whitespace between a '!' and the name in a sudoOption.
2016-01-11 16:52:52 -07:00
Todd C. Miller
14b454cc0d
Fix free() of invalid pointer introduced in the commit that stripped
whitespace between a '!' and the name in a sudoOption.
2016-01-11 16:44:05 -07:00
Todd C. Miller
051fe2d4cf
Add missing dfd argument to the version of sudo_edit_openat_nofollow()
for systems without O_NOFOLLOW.
2016-01-11 16:36:40 -07:00
Todd C. Miller
8ed9f6172a
Update description of sudoedit_checkdir. Reported by Sander Bos.
2016-01-11 15:09:08 -07:00
Todd C. Miller
c7c80913ef
No need to check whether the fd we opened is really a directory in
sudo_edit_open_nonwritable() since if not, the openat() will fail
with ENOTDIR anyway.
2016-01-11 11:15:42 -07:00
Todd C. Miller
68c1073fe5
Rewritten sudoedit_checkdir support that checks all the dirs in the
path and refuses to follow symlinks in writable directories.
This is a better fix for CVE-2015-5602.
Adapted from a diff by Ben Hutchings. Bug #707
2016-01-10 18:31:29 -07:00
Todd C. Miller
39db87e62b
sync with translationproject.org
2016-01-04 10:47:11 -07:00
Todd C. Miller
b20977d445
Add support for using fexecve() if supported on commands that are
checksummed.
2016-01-04 10:35:18 -07:00
Todd C. Miller
97e86c74ff
Call openat() with the basename not the full path. From Ben Hutchings.
2015-12-29 13:38:14 -07:00
Todd C. Miller
330a209695
Fix compilation with --disable-shared
2015-12-24 08:26:26 -07:00
Todd C. Miller
88a634b7fb
Check for existing dso in LD_PRELOAD and only add it if it is not
already present.
2015-12-20 14:08:47 -07:00
Todd C. Miller
584aebe738
Clarify when SIGINT and SIGQUIT are relayed by sudo to the command.
2015-12-18 14:41:11 -07:00
Todd C. Miller
ad1068c1ee
Actually use the plugin_dir Path setting in sudo.conf.
2015-12-18 14:05:02 -07:00
Todd C. Miller
0123cf63f1
The Path setting for the plugin directory is "plugin_dir" not "plugin".
2015-12-18 14:03:59 -07:00
Todd C. Miller
55531958de
Allow sudo.conf Path settings to disable path names (by setting the
value of NULL).
2015-12-18 12:31:28 -07:00
Todd C. Miller
7a57bae1e6
Change noexec flag in selinux_execve() from int to bool.
2015-12-16 15:16:48 -07:00
Todd C. Miller
4536480800
Refactor code to set LD_PRELOAD (or the equivalent) in the environment
into a preload_dso() function. Also avoid allocating a new copy
of the environment array if the size of the array does not change.
2015-12-16 15:08:01 -07:00
Todd C. Miller
3b338830cf
Add missing square brackets in configure option descriptions.
2015-12-16 14:57:37 -07:00
Todd C. Miller
a6f8994a59
Document the names of the I/O log files and mention buffering.
Document that I/O logs are in gzip format by default.
2015-12-11 10:04:17 -07:00
Todd C. Miller
290dafda3b
Add BASHOPTS to initial_badenv_table[]; from Stephane Chazelas
2015-12-10 17:14:56 -07:00
Todd C. Miller
d46d0fbc6f
When parsing sudoOptions that include an operator (!, +, +=, -=)
strip out any whitespace on either side of the operator.
2015-12-09 14:57:33 -07:00