isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,701 Commits 1 Branch 0 Tags
d0847eb01f0b29042b907d1c286036e89f46032c
Commit Graph

2701 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
572b4cf39a Don't try and build saved uid version of set_perms on systems w/o them. 
Rename set_perms_saved_uid() -> set_perms_posix()
Make set_perms_setreuid simply be set_perms_fallback() and simply include
  the appropriate function at compile time (setreuid() vs. setuid()).
 2000-12-30 03:59:40 +00:00
Todd C. Miller
9318379d83 PATH is also preserved when env_reset is in effect 2000-12-30 03:45:31 +00:00
Todd C. Miller
998631b73a New Defaults options: 
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
 o env_reset - reset the environment to a sane default
 o env_keep - preserve environment variables that would otherwise be cleared

No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
 2000-12-30 03:29:47 +00:00
Todd C. Miller
f88c0c930b Clear up --without-passwd description 2000-12-30 03:17:58 +00:00
Todd C. Miller
679fee0f5a We now build up a new environment from scratch and assign it to "environ". 2000-12-30 00:39:36 +00:00
Todd C. Miller
211d8c7de0 Grammatical fixes from Paul Janzen 2000-12-19 03:35:07 +00:00
Todd C. Miller
6448c3523e If there was a syntax error and the user just wants to quit, unlink 
sudoers if it is zero length.
 2000-12-15 04:19:24 +00:00
Todd C. Miller
f14cf7973d 'Q' means ignore parse error, not 'q' 2000-12-15 04:10:54 +00:00
Todd C. Miller
02559d3447 Open sudoers for writing with mode SUDOERS_MODE 
From Dimitry Andric <dim@xs4all.nl>
 2000-12-15 03:57:53 +00:00
Todd C. Miller
744917ed67 Add missing #ifdef HAVE_LOGIN_CAP_H; ayamura@ayamura.org 2000-12-13 17:23:07 +00:00
Todd C. Miller
21cdac6b02 Darwin / Mac OS X support from Wilfredo Sanchez <wsanchez@apple.com> 2000-12-09 16:46:19 +00:00
Todd C. Miller
7ce284a132 Use exit(127), not exit(-1) 2000-11-03 14:36:32 +00:00
Todd C. Miller
7ea65e54bd Move set_perms() to its own file and use POSIX saved uid or setreuid() 
if available.

Added stay_setuid option for systems that have libraries that perform
extra paranoia checks in system libraries for setuid programs (ie:
anything with issetugid(2)).
 2000-11-03 05:37:44 +00:00
Todd C. Miller
70f16a284d strip more bits from the environment and add a facility for stripping 
things only if they contain '/' or '%' to address printf format string
vulnerabilities in other programs.
 2000-11-03 01:28:54 +00:00
Todd C. Miller
c3233194c1 regen 2000-11-02 17:55:13 +00:00
Todd C. Miller
8eb4848586 For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache the existence 
of strcasecmp().
 2000-11-02 17:55:06 +00:00
Todd C. Miller
9ea228b399 regen 2000-11-02 17:46:39 +00:00
Todd C. Miller
7e7efac423 Check for strcasecmp(3) in -lc89 for NCR Unix 2000-11-02 17:46:29 +00:00
Todd C. Miller
43905f4d7b Define HAVE_INNETGR #ifdef HAVE__INNETGR 2000-11-01 15:22:08 +00:00
Todd C. Miller
ff9bbf0bde regen 2000-11-01 15:17:36 +00:00
Todd C. Miller
4fdb825a09 Add check for _innetgr(3) since NCR systems have that instead of 
innetgr(3).
 2000-11-01 15:17:25 +00:00
Todd C. Miller
92f5fad805 check return value of creadcfg() 
call sd_close() after sd_auth()
store username in sd->username so we don't rely on the USER env variable
 2000-10-31 19:16:52 +00:00
Todd C. Miller
7e49858217 document --with-bsdauth 2000-10-30 04:00:29 +00:00
Todd C. Miller
60c1253c8c regen 2000-10-30 03:57:04 +00:00
Todd C. Miller
e9d00a88b1 --with-bsdauth assumes --with-logincap 2000-10-30 03:56:54 +00:00
Todd C. Miller
2ec9c6a45d When prompting for a response to a challenge, if the user just hits return 
then reprompt with echo turned on.
 2000-10-30 03:45:11 +00:00
Todd C. Miller
f31d6ce259 Remove debugging code that should not have been committed, oops. 2000-10-29 22:31:42 +00:00
Todd C. Miller
84baa91273 Use lower-level routines and get the password ourselves. 
Checks for a challenge and if there is one echo is not turned off.
 2000-10-29 22:31:13 +00:00
Todd C. Miller
7a93a4aa75 minor housekeeping, no real code changes 2000-10-29 22:30:22 +00:00
Todd C. Miller
e23d30b913 Fix a coredump in the logging functions if gethostname(2) fails 
by deferring the call to log_error() until things are better setup.

Fix return value of set_loginclass() in non-BSD-auth case.

Hard-code 'sudo' in the usage message so we can fit more options on a line
 2000-10-27 22:41:48 +00:00
Todd C. Miller
2ad0d64a1a Fix errant ';' (typo) that broken MSG_ONLY 2000-10-27 22:35:42 +00:00
Todd C. Miller
dea1ce4d3e regen 2000-10-26 17:03:55 +00:00
Todd C. Miller
975a58f6c4 Document -a flag 2000-10-26 17:01:50 +00:00
Todd C. Miller
0208b22686 Add support for BSD authentication. 2000-10-26 16:42:40 +00:00
Todd C. Miller
e7ee4f9885 Fix typo; from sato@complex.eng.hokudai.ac.jp 2000-10-19 14:09:07 +00:00
Todd C. Miller
2365c52b21 Mention negating umask 2000-10-12 13:49:45 +00:00
Todd C. Miller
04777172c0 Allow user to specify umask of 0777 (same as !umask) 2000-10-12 05:30:30 +00:00
Todd C. Miller
44b9e4d4b3 Fix a typo and give a URL for the sudo history. 2000-10-09 01:46:55 +00:00
Todd C. Miller
ded7261fad fix typos; pepper@reppep.com 2000-10-08 16:25:58 +00:00
Todd C. Miller
9745a31948 sudo_setenv() now exits on memory alloc failure instead of returning -1. 2000-09-14 20:48:58 +00:00
Todd C. Miller
deb5b07f40 Strip out NLSPATH and PATH_LOCALE from the environment for FreeBSD 
and possibly others.
 2000-09-07 21:41:16 +00:00
Todd C. Miller
2ff3a2315e Don't use vsyslog(3) since HP-UX (and others?) lack it. This means 
that "%m" won't be expanded but we don't use that anyway since the
logging routines may splat to stderr as well.
 2000-09-07 14:43:26 +00:00
Todd C. Miller
ed7827decc Add always_set_home variable 2000-09-07 01:35:39 +00:00
Todd C. Miller
4f743f06be Have to hard code default values in help since the defaults 
are set _after_ the help stuff.
 2000-09-07 01:24:45 +00:00
Todd C. Miller
d64ad77515 Allow special characters (including '#') to be embedded in pathnames 
if quoted by a '\\'.  The quoted chars will be dealt with by fnmatch().
Unfortunately, 'sudo -l' still prints the '\\'.
 2000-08-31 17:08:35 +00:00
Todd C. Miller
641e30612f Better path searching for programs we need. 2000-08-13 21:10:49 +00:00
Todd C. Miller
81cf72ec6e Add section on "C compiler cannot create executables" errors. 2000-08-13 21:10:28 +00:00
Todd C. Miller
87ccf62b70 Crank version 2000-08-13 21:10:00 +00:00
Todd C. Miller
fafefc1df9 Substitute values from configure into man pages. 2000-08-13 21:09:22 +00:00
Todd C. Miller
6525e882a4 The listpw and verifypw sudoers options would not take effect because 
the value of the default was checked *before* sudoers was parsed.
Instead of passing in the value of PWCHECK_* to sudoers_lookup(),
pass in the arg for def_ival() so the check can be deferred until
after sudoers is parsed.
 2000-08-12 20:48:29 +00:00