isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,685 Commits 1 Branch 0 Tags
e3edd7a09a7b9bb33fceec15ce720f68f57811f0
Commit Graph

12685 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
e3edd7a09a Add example for disabling intercept/log_subcmds for certain commands. 2023-10-18 17:35:40 -06:00
Todd C. Miller
78edde5ea1 Use NSIG instead of nitems(array) for the loop bound. 
This matches the sudo_sys_siglist[] and sudo_sys_signame[] declarations.
 2023-10-18 13:32:08 -06:00
Todd C. Miller
385d506d35 tsdump: fix compiler warnings 2023-10-18 10:02:16 -06:00
Todd C. Miller
14d514e5ac Avoid using %zu or %zd with printf() and fprintf(). 
This prevents problems on systems where the system printf(3) is not
C99-compliant.  We use our own snprintf() on such systems so that
is safe.
 2023-10-17 20:14:53 -06:00
Todd C. Miller
58d6554a78 Use vsnprintf() instead of vfprintf() for sudo_printf() to avoid 
problems on systems where the system printf(3) is not C99-compliant.
We use our own snprintf() on such systems.
 2023-10-17 20:09:16 -06:00
Todd C. Miller
cf9fc5317e strlcpy_expand_host, sudo_getdelim, sudo_realpath: add restrict qualifier 2023-10-17 10:47:43 -06:00
Todd C. Miller
29ddd26793 Fixed GitHub issue #312. 2023-10-17 10:28:55 -06:00
Rose
97f8052427 Add restrict to strlcpy and expand_prompt 2023-10-17 10:33:15 -06:00
Todd C. Miller
fabb6264fc Better handling of multiple sudo processes modifying terminal settings. 
1. Lock the terminal before tcgetattr/tcsetattr
2. Don't restore terminal settings if changed by another process
3. Don't set terminal to raw mode if it is already raw
GitHub issue #312
 2023-10-16 19:27:27 -06:00
Todd C. Miller
2f80865e73 Add a little extra debugging info. 2023-10-16 12:07:35 -06:00
Rose
b2a44430b5 Redundant cast removal in sudoers_hooks 
def_sudoers_locale is already a char*
 2023-10-15 11:25:28 -06:00
Rose
e095069d2a Prefer fputs over fprintf where possible 
fprintf does extra work and meant for formatting strings.
 2023-10-15 10:28:57 -06:00
Rose
a4cbd7fe7b Swap calloc arguments to use them properly. 2023-10-15 10:19:58 -06:00
Rose
dd8426f9cf Specify 1U over 1 for bitmaps 2023-10-14 16:23:59 -06:00
Todd C. Miller
873e0de078 ptrace_intercept_execve: make flags unsigned to match command_details 2023-10-14 16:12:06 -06:00
Todd C. Miller
2d437c793d Fix spelling: resistent -> resistant 2023-10-12 10:20:34 -06:00
Todd C. Miller
98c2eeafd5 Add plugins/sudoers/tsgetusershell.c to ignore files. 2023-10-05 13:59:44 -06:00
Alexander F. Rødseth
07426f8a1a Add Orbiton ("o") to the list of editors that supports +lineno 2023-10-02 14:44:10 -06:00
Alexander F. Rødseth
356ea96ef7 Sort the list of editors that supports +lineno 2023-10-02 14:44:10 -06:00
Todd C. Miller
9a715b6941 Fix compatibility with older versions of (new) awk. 
Do not rely on awk supporting "-f -" to read the program from stdin.
Avoid using POSIX character classes in regular expressions.
 2023-10-02 10:31:55 -06:00
Todd C. Miller
3141f63b25 Mention potential problems with log_subcmds and intercept. 2023-09-28 17:01:02 -06:00
Todd C. Miller
f6561bc974 Add more user info to the list of objects to be garbage-collected at exit. 2023-09-28 13:37:42 -06:00
Todd C. Miller
344e0daecc Use long, not long long, when getting/setting numeric attributes. 
We use int or long, not long long, in the Python plugin.
 2023-09-27 16:35:39 -06:00
Todd C. Miller
1398289fab Add casts when storing values in a struct timespec. 
Fixes -Wconversion warnings on some 32-bit systems where time_t is
still 32-bit.
 2023-09-27 15:11:10 -06:00
Todd C. Miller
9cc57f4936 sudo_file_open: initialize parser before calling open_sudoers(). 
Otherwise, the parser_conf settings in the context passed to
sudo_file_open() will not be honored by open_sudoers().
Affected settings include ignore_perms, sudoers mode, uid and gid.
 2023-09-27 15:16:18 -06:00
Rose
b2f8c5666d Use U, not UL, for 32-bit platforms 
size_t is an unsigned int on 32-bit platforms, not an unsigned long.
 2023-09-27 14:43:09 -06:00
Todd C. Miller
837f400ac8 digest_matches: actually use fd2 in place of fd as needed. 2023-09-26 11:51:10 -06:00
Todd C. Miller
ff2d8464cf digest_matches: if fd argument is -1, try to open path before failing 2023-09-26 11:44:37 -06:00
Todd C. Miller
4d4279d0ca Add missing execute bit on some test scripts. 2023-09-26 10:58:36 -06:00
Todd C. Miller
29feb41da2 max_groups in sudoers_plugin_settings is no longer used. 2023-09-25 11:32:15 -06:00
Todd C. Miller
e343e07543 Use #include <foo.h> instead of #include "foo.h" in most cases. 
We rely on the include path to find many of these headers.  It
especially doesn't make sense to use #include "foo.h" for headers
in the top-level include directory.
 2023-09-25 10:13:28 -06:00
Todd C. Miller
884b025962 Bump xcode to 14.2.0 2023-09-25 08:21:43 -06:00
Todd C. Miller
1c13b8a628 Add support for "plugin" defaults type. 2023-09-24 16:28:36 -06:00
Todd C. Miller
c1708f0cf1 Support multiple input files. 2023-09-24 16:27:22 -06:00
Todd C. Miller
171abbe112 No need to loop reading from/writing to a blocking socketpair. 
This removes some infinite loops that can cause static analyzer
warnings.  The fds are not in non-blocking mode and we use restartable
system calls so there is no need to loop.
 2023-09-22 10:53:41 -06:00
Todd C. Miller
1c7d757b79 check_user: fix return value for intercept mode 
Also use early return on error to quiet a PVS-Studio warning.
 2023-09-22 10:38:46 -06:00
Todd C. Miller
988d7f60f0 Set ec->term_raw to false even if sudo_term_restore() fails. 
Either the fd is not a terminal or we don't have the controlling
terminal.  Either way, we can't know the current status of the
terminal and will need to set to raw mode again (if possible).  Also
make sure to set ec->term_raw to false if sudo_term_raw() fails.
 2023-09-21 14:13:17 -06:00
Todd C. Miller
f2d267bfb4 Only define _PATH_ENVIRONMENT on systems where we use /etc/environment. 2023-09-20 16:49:27 -06:00
Todd C. Miller
0c67456923 Sudo assumes that a uid_t can be cast to unsigned int without problems. 
Add a configure check and error out if sizeof(uid_t) > 4.
 2023-09-20 11:25:48 -06:00
Todd C. Miller
f4acc43663 Mention the time stamp and lecture file name changes in 1.9.15. 2023-09-20 09:00:29 -06:00
Todd C. Miller
37ee2946aa sudo 1.9.15 2023-08-24 09:28:45 -06:00
Todd C. Miller
d9da92951a Replace '/' with '_' in paths using the user, group or host name. 2023-09-20 09:00:27 -06:00
Todd C. Miller
7363ad7b32 Use the user-ID instead of user-name for the timestamp and lecture file. 
This avoids problems if the user name itself contains a path separator.
 2023-09-11 10:27:35 -06:00
Todd C. Miller
94b80e3ad4 Replace MAX_UID_T_LEN with calls to STRLEN_MAX_UNSIGNED. 2023-09-19 15:16:30 -06:00
Todd C. Miller
d53bbb54b2 Add macros to determine the length of an integer type in string form. 
Adapted from answer #6 in:
https://stackoverflow.com/questions/10536207/ansi-c-maximum-number-of-characters-printing-a-decimal-int
 2023-09-19 15:15:02 -06:00
Todd C. Miller
221a10340c visudo: use verbose and strict in parser_conf 
Where the sudoers_context is available we can use the values
of verbose and strict instead of passing around quiet and
strict flags.
 2023-09-18 13:47:25 -06:00
Todd C. Miller
6e75f2311d Add resolve_cmnd(), a wrapper around find_path(). 
This is a convenience function that sets PERM_RUNAS and calls
find_path().  If the command is not found it will retry with PERM_USER
instead.
 2023-09-18 12:42:51 -06:00
Todd C. Miller
8fcb21b5cd Promote strict field in sudoers_parser_config from bool to int. 
This will be used by visudo to indicate when "visudo -s" is run.
 2023-09-18 12:42:51 -06:00
Todd C. Miller
e28dc0f275 Add parser_warnx() and parser_vwarnx() that displays file:line:col 
Used by defaults.c and check_aliases.c.
 2023-09-18 12:42:51 -06:00
Todd C. Miller
3a77314373 Add a separate file for visudo callbacks. 2023-09-18 12:42:51 -06:00