isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,688 Commits 1 Branch 0 Tags
ce8f2b10e413c511391f1ab5d09c6f1be6b77cb6
Commit Graph

60 Commits

Author SHA1 Message Date
Todd C. Miller
ce8f2b10e4 add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5 2005-11-01 18:24:47 +00:00
Todd C. Miller
096a289d94 add PS4 and SHELLOPTS to initial_badenv_table for bash 2005-10-28 00:35:33 +00:00
Todd C. Miller
8f90cfbd89 Preserve DISPLAY environment variable by default. 2005-06-25 21:46:16 +00:00
Todd C. Miller
2791a18078 Fix disabling set_logname and make env_keep override set_logname. 2005-02-20 17:57:48 +00:00
Todd C. Miller
6bee8e3770 Just clean the environment once. This assumes that any further 
setenv/putenv will be able to handle the fact that we replaced environ
with our own malloc'd copy but all the implementations I've checked do.
 2005-02-20 16:48:05 +00:00
Todd C. Miller
87a8b5b48b In -i mode, base the value of insert_env()'s dupcheck flag on DID_FOO flags. 
Move checks for $HOME resetting into rebuild_env()
 2005-02-16 04:16:22 +00:00
Todd C. Miller
74894ebf62 Move setting of user_path, user_shell, user_prompt and prev_user 
into init_vars() since user_shell at least is needed there.
 2005-02-13 05:33:59 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
ab2e7bc267 Instead of zeroing out the environment, just prune out entries 
based on the env_delete and env_check lists.  Base building up
the new environment on the current environment and the variables
we removed initially.
 2005-02-10 04:00:04 +00:00
Todd C. Miller
f015a51b9b correct value for DID_USER 2005-02-08 03:56:51 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
48dae86b8f Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE being set 
unconditionally on darwin.  From Toby Peterson.
 2004-12-02 16:18:29 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
b2ef18bbd3 Preserve KRB5CCNAME in zero_env() and add a paranoia check to make sure 
we can't overflow new_env.
 2004-11-17 16:18:33 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional 
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
 2004-11-15 15:53:53 +00:00
Todd C. Miller
a768dbc34f Bring back the "secure_path" Defaults option now that Defaults take 
effect before the path is searched.
 2004-11-12 16:19:19 +00:00
Todd C. Miller
74b4e439a6 strip CDPATH too 2004-11-11 16:25:20 +00:00
Todd C. Miller
482526bde1 strip exported bash functions from the environment. 2004-11-11 16:20:59 +00:00
Todd C. Miller
01dbe19ba1 Let the loader initialize nep 2004-09-08 15:57:49 +00:00
Aaron Spangler
03b53b6911 Rare SEGV 2004-09-07 01:12:34 +00:00
Aaron Spangler
2102b561ba Openldap ~/.ldaprc fix 2004-09-06 19:05:32 +00:00
Todd C. Miller
362d6f4eb6 Remove trailing spaces, no actual code changes. 2004-06-06 23:58:10 +00:00
Todd C. Miller
5a2e5144de More to a less restrictive, ISC-style license. 2004-02-13 21:36:43 +00:00
Todd C. Miller
262bb5e870 Use the SET, CLR and ISSET macros. 2004-01-29 22:33:54 +00:00
Todd C. Miller
8ab5b8c596 If real uid == 0 and the SUDO_USER environment variables is set, 
use that to determine the invoking user's true identity.  That way
the proper info gets logged by someone who has done "sudo su" but
still uses sudo to as root.  We can't do this for non-root users
since that would open up a security hole, though perhaps it would
be acceptable to use getlogin(2) on OSes where this a system call
(and doesn't just look in the utmp file).
 2004-01-21 22:06:02 +00:00
Todd C. Miller
3001e7f296 In -i mode always set new environment based on the runas user's passwd entry. 2004-01-19 01:17:00 +00:00
Todd C. Miller
ecfc813757 PERM_RUNAS -> PERM_FULL_RUNAS 2004-01-16 23:07:03 +00:00
Todd C. Miller
230a54ebb9 Make format_env() varargs 
Add noexec support for Darwin, MacOS X, Irix, and Tru64
 2004-01-09 05:38:58 +00:00
Todd C. Miller
8e421c95b8 update copyright year 2004-01-05 17:15:32 +00:00
Todd C. Miller
626e2cd209 Add _PATH_SUDO_NOEXEC and corresponding --with-noexec configure option. 
The default value of noexec_file is set to this.
 2004-01-05 03:58:39 +00:00
Todd C. Miller
7536a781f0 Add support for preloading a shared object containing a dummy execve() 
function that just sets error and returns -1.  This adds a
"noexec_file" option to load the filename as well as a "noexec" flag
to enable it unconditionally.  There is also a NOEXEC tag that can
be attached to specific commands and an EXEC tag to disable it.
 2004-01-05 02:48:09 +00:00
Todd C. Miller
6ad252765b Create def_* macros for each defaults value so we no longer need 
the def_{flag,ival,str,list,mode} macros (which have been removed).
This is a step toward more flexible data types in def_data.in.
 2003-12-30 22:20:21 +00:00
Todd C. Miller
684f62dd0f Fix an off by one error when reallocating the environment; Kevin Pye 2003-05-06 04:31:24 +00:00
Todd C. Miller
c6c8c99515 add DARPA credit on affected files 2003-04-16 00:42:09 +00:00
Todd C. Miller
dcf1a5acce Use warn/err and getprogname() throughout. The main exception is 
openlog().  Since the admin may be filtering logs based on the
program name in the log files, hard code this to "sudo".
 2003-04-02 18:25:30 +00:00
Todd C. Miller
48229cbac6 update copyright year 2003-03-15 20:31:02 +00:00
Todd C. Miller
b18a141ae9 Cast [ug]ids to unsigned long and printf with %lu 2003-03-15 20:19:58 +00:00
Todd C. Miller
7e05ae7a3b fix indentation 2003-03-15 17:51:45 +00:00
Todd C. Miller
eebc763bd3 Use strlc{at,py} for paranoia's sake and exit on overflow. In all 
cases the strings were either pre-allocated to the correct size of
length checks were done before the copy but a little paranoia can
go a long way.
 2003-03-13 20:00:45 +00:00
Todd C. Miller
7ce95c61c8 Use erealloc3() 2003-03-13 17:03:23 +00:00
Todd C. Miller
466216fe8e Remove DYLD_ from the environment for MacOS X; from bbraun 2003-03-04 02:47:24 +00:00
Todd C. Miller
f3ddf66e07 typo in comment 2002-05-17 17:20:57 +00:00
Todd C. Miller
0f60107a1c No need for dump_badenv() now that dump_defaults() knows how to dump lists. 2002-05-05 19:58:29 +00:00
Todd C. Miller
3f7d801880 Don't try to pre-compute the size of the new envp, just allocate 
space up front and realloc as needed.  Changes to the new env pointer
must all be made through insert_env() which now keeps track of
spaced used and allocates as needed.
 2002-05-02 19:40:25 +00:00
Todd C. Miller
a576207620 Use easprintf instead of emalloc + sprintf for some things. 2002-04-18 15:38:52 +00:00
Todd C. Miller
ea24bef19c The SHELL environment variable was preserved from the user's 
environment instead of being reset based on the passwd database
when the "env_reset" option was used.  Now it is reset as it should be.
 2002-01-15 23:43:59 +00:00
Todd C. Miller
1b6d4ad876 Add 'continue' statements to optimize the switch statement. From Solar. 2002-01-15 01:45:40 +00:00
Todd C. Miller
705c4c7515 Fix off by one error in number of bytes allocated via malloc (does not 
affected any released version of sudo).
 2001-12-31 05:53:23 +00:00
Todd C. Miller
087f5a7d56 Fix setting of $USER and $LOGNAME in the non-reset_env case. 
Also allow HOME, SHELL, LOGNAME, and USER to be specified in keep_env
 2001-12-18 17:42:37 +00:00
Todd C. Miller
46dd419cd9 o Reorder some headers and use STDC_HEADERS define properly 
o Update copyright year
 2001-12-14 19:52:47 +00:00