30 Commits

Author SHA1 Message Date
Todd C. Miller
304dc46d7f Add efree() for consistency with emalloc() et al. Allows us to rely
on C89 behavior (free(NULL) is valid) even on K&R.
2005-03-29 14:29:47 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
1936aeb299 add sudo_ldap_close 2004-12-03 18:57:48 +00:00
Todd C. Miller
d88e6523a3 Use the double fork trick to avoid the monitor process being waited
for by the main program run through sudo.
2004-12-02 14:53:20 +00:00
Todd C. Miller
fe869025c4 Add support for command-specific Defaults entries. E.g.
Defaults!/usr/bin/vi noexec
2004-11-19 21:35:12 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h>
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
2004-11-19 18:39:14 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
2004-11-15 15:53:53 +00:00
Todd C. Miller
ae2e26fd2f Cache passwd db entries in 2 red-black trees; one indexed by uid,
the other by user name.  The data returned from the cache should
be considered read-only and is destroyed by sudo_endpwent().
2004-11-15 14:53:05 +00:00
Todd C. Miller
ce4b69f8b0 Working LDAP support; also remove a now-unneeded rewind(). 2004-10-26 22:21:02 +00:00
Todd C. Miller
2c91a58149 Call sudo_goodpath() *after* changing the cwd to match the traced process.
Fixes relative paths.
2004-10-23 17:32:20 +00:00
Todd C. Miller
163994c116 Just return if STRIOCINJECT or STRIOCREPLACE fail. It probably means
we are out of space in the stack gap...
2004-10-05 21:26:38 +00:00
Todd C. Miller
a7d63df1fb Take a stab at ldap sudoers support here. 2004-10-05 20:53:29 +00:00
Todd C. Miller
385dfb2696 Detach from tracee on SIGHUP, SIGINT and SIGTERM. Now "sudo reboot"
doesn't cause reboot to inadvertently kill itself.
2004-10-05 19:13:56 +00:00
Todd C. Miller
6e2fb232a4 put "monitor" in the proctitle, not "systrace" 2004-10-05 18:21:26 +00:00
Todd C. Miller
f01c983f12 When modifying the environment, don't replace envp when we can get
away with just rewriting pointers in the traced process.
2004-10-05 18:15:35 +00:00
Todd C. Miller
dc368b59fb Add environment updating via STRIOCINJECT (if available). 2004-10-05 17:46:22 +00:00
Todd C. Miller
d7e43093ef Include file is now mon_systrace.h 2004-10-04 16:09:45 +00:00
Todd C. Miller
5eb4895b55 Fix some XXX 2004-10-01 19:06:44 +00:00
Todd C. Miller
e173a07c85 No need to include syscall.h, use 1024 as the max # of entries (the
max that systrace(4) allows).

Only need to use SYSTR_POLICY_ASSIGN once

Change check_syscall() -> find_handler() and have it return the
handler instead of just running it.  We need this since handlers now
have two parts: one part that generates an answer and another that
gets called after the answer is accepted (to do logging).

Add some missing check_exec for emul execv
2004-10-01 18:30:20 +00:00
Todd C. Miller
7edec19902 Move all struct defs and prototypes into trace_systrace.h and mark all
but systace_attach() static.
2004-09-30 22:27:33 +00:00
Todd C. Miller
33badbaeaa Add support for tracing emulations. At the moment, all emulations are
compiled in.  It might make sense to #ifdef them in the future, though
this impedes readability.
2004-09-30 22:14:34 +00:00
Todd C. Miller
27e83bacb1 Rewind sudoers_fp now that sudoers_lookup() doesn't do it for us. 2004-09-28 20:50:33 +00:00
Todd C. Miller
e4d64ce1d0 o Made children global so check_exec() can look up a child.
o Replaced uid in struct childinfo with struct passwd * (for runas)
o new_child() now takes a parent pid so the runas info can be inherited
o Added find_child() to look up a child by its pid
o update_child() now fills in a struct passwd
o Converted the big if/else mess in set_policy to a switch
o Syscalls that change uid are now "ask" so we get SYSTR_MSG_UGID events
2004-09-25 21:08:48 +00:00
Todd C. Miller
28736eb556 add missing increment of addr in read_string() 2004-09-25 20:58:11 +00:00
Todd C. Miller
649e2dac12 Remove bogus call to update_child() and some cosmetic fixes 2004-09-25 20:15:44 +00:00
Todd C. Miller
4e5c53e139 Don't leak /dev/systrace fd to tracee
Make initialized global for simplicity
If STRIOCATTACH returns EBUSY we are already being traced
Check for user_args == NULL in setproctitle() call
Add missing calls to STRIOCANSWER
2004-09-25 20:11:39 +00:00
Todd C. Miller
1131db0699 trim includes 2004-09-25 00:07:26 +00:00
Todd C. Miller
11edf288bd pass struct str_msg_ask in to syscall checker so it can set the error code 2004-09-24 18:09:47 +00:00
Todd C. Miller
d492138ff0 systrace(4) support for sudo. On systems with the systrace(4) kernel
facility (OpenBSD, NetBSD, Linux w/ patches) sudo can intercept exec
calls and check the exec args against the sudoers file.
In other words, sudo can now control subcommands and shell escapes.
2004-09-24 17:30:23 +00:00