isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,536 Commits 1 Branch 0 Tags
f6291bf83e434c44b51b47322a19d5c93f4eb956
Commit Graph

12536 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
fd0021ee5c Regen with latest autoconf git. 2023-01-27 14:44:45 -07:00
Todd C. Miller
1977f98d21 Fix a typo. 2023-01-27 14:44:45 -07:00
Todd C. Miller
94eafd2f08 Fix determination of the number of CPU cores on Linux. 2023-01-27 10:31:12 -07:00
Todd C. Miller
3b3089e4f5 Merge pull request #235 from kernelmethod/apparmor_dependencies 
Replace the Debian libselinux1 dependency with libapparmor1
 2023-01-26 13:12:47 -07:00
kernelmethod
8c9a8933b2 Replace the Debian libselinux1 dependency with libapparmor1 
Debian >= 10 uses AppArmor by default instead of SELinux, so
SELinux-related sudo features are typically going to be unusable in
Debian installs. This changes the dependency on libselinux1 to be a
dependency on libapparmor1 for .deb packages built with `make package`.
 2023-01-26 19:42:52 +00:00
Todd C. Miller
fe001b6ffe get_execve_info: defer setting pathname until argbuf is finalized 
If we reallocate the buffer (via growbuf()) in ptrace_read_vec(),
the address of argbuf may change.  If so, the value stored in
pathname will no longer be valid.  GitHub issue #194.
 2023-01-25 11:55:29 -07:00
Todd C. Miller
a32a54dced Correct error message when command doesn't exist in intercept mode. 
Previously, we would always use EACCES, even when ENOENT was
appropriate.  This also affected log_subcmds.
 2023-01-25 10:31:49 -07:00
Todd C. Miller
de021b60db Update .pot files for 1.9.13 2023-01-24 13:11:47 -07:00
Todd C. Miller
b9dc472bba Update for 1.9.13. 2023-01-23 14:01:34 -07:00
Todd C. Miller
d3afffec75 Include elf.h, not linux/elf.h but define NT_ARM_SYSTEM_CALL if missing. 
Older kernel headers are missing the definition of EM_ARM in linux/elf.h.
GitHub issue #232
 2023-01-23 13:55:23 -07:00
Todd C. Miller
e11bb93e26 Add tests for escaped digits. 2023-01-23 08:48:21 -07:00
Todd C. Miller
f6340068d1 check_pattern: handle escaped digits since GNU libc accepts them. 2023-01-23 08:02:25 -07:00
Todd C. Miller
2d9c0d9034 Add eventlog_store_sudo() and use it in sudoreplay. 
This replaces the custom log formatting used by "sudoreplay -l".
 2023-01-22 15:27:53 -07:00
Todd C. Miller
733303ed96 Add --build-only flag to skip building packages. 2023-01-21 09:43:15 -07:00
Todd C. Miller
ec79bbc8e0 Suport building packages on DragonFly BSD. 2023-01-20 15:08:31 -07:00
Todd C. Miller
f65a51afdf Try to link a simple shared object with -Wl,--no-undefined. 
This only works for gcc-style compilers, which should not be a
problem.  The source uses environ (FreeBSD) and errno (OpenBSD).
 2023-01-20 12:30:33 -07:00
Todd C. Miller
0010c98613 Pass the name to the config.cache file to the build script. 
If --cache-file is not specified, no config.cache file will be used.
Add an "omit_artifacts" setting for platforms where we don't publish
artifacts.
 2023-01-20 10:30:19 -07:00
Todd C. Miller
ee2f2287a6 check_pattern: accept a backslash before the numeric bound like glibc. 
This helps avoid out-of-memory conditions when fuzzing on Linux.
 2023-01-19 19:50:09 -07:00
Todd C. Miller
7a64275a3d Don't use -Wl,--no-undefined with the sanitizers/fuzzers. 
It breaks linking when using -fsanitize with clang at least.
 2023-01-19 19:40:35 -07:00
Todd C. Miller
c6cc680069 Add a link to the sudo security advisories archive. 2023-01-19 15:20:38 -07:00
Todd C. Miller
f7265f5de2 Eliminate usage of obsolete 2-argument AC_CHECK_TYPE macro. 2023-01-19 13:59:05 -07:00
Todd C. Miller
9ddae66818 Add support for the struct kinfo_proc on Dragonfly BSD. 2023-01-19 13:22:32 -07:00
Todd C. Miller
d409ba67c6 Elminate the $OS variable, we can just use $host_os instead. 2023-01-19 13:22:31 -07:00
Todd C. Miller
cb56fd2edb Need to link sudo and sudoers with -lutil on Dragonfly BSD. 
It is safer to just search for setusercontext() in libc and libutil
instead of matching on the operating system.
 2023-01-19 13:22:31 -07:00
Todd C. Miller
83b4cee98a Add -Wl,--no-undefined to LDFLAGS if it is supported. 
This will find missing symbols at build-time instead of run-time.
Don't use it on FreeBSD where environ is filled in by the dynamic loader.
We also need to pull in -llber with -lldap where possible (instead
of relying on DT_NEEDED) to avoid undefined symbol errors when
building with LDAP support.
 2023-01-19 07:47:10 -07:00
Todd C. Miller
1e0bb704c2 Restore the line that set errno to ENOENT when find_path() fails. 
This was inadvertently removed when the "goto bad" was added.
 2023-01-19 10:08:38 -07:00
Todd C. Miller
e3583e01b8 The sample plugin is now built by default to avoid bit rot. 
GitHub issue #234.
 2023-01-19 07:38:51 -07:00
Todd C. Miller
4f9da47e55 The change from sudo_printf -> sudo_plugin_printf was incomplete. 
Fixes GitHub issue #234.
 2023-01-19 07:38:29 -07:00
Todd C. Miller
544c978217 Solaris: use lt_prog_compiler_pic instead of assuming -KPIC 2023-01-18 16:05:52 -07:00
Todd C. Miller
e72d75d38e Solaris: the aslr, nxheap and nxstack link options are only for executables. 
Move them back to PIE_LDFLAGS, which is only used when linking a binary.
 2023-01-18 15:38:31 -07:00
Todd C. Miller
7d4666656e Solaris: move aslr linker option to hardening and try to build real PIEs 
These flags are specific to the Solaris linker.
 2023-01-18 15:14:55 -07:00
Todd C. Miller
b44ad49bf7 Enable non-executable heap and stack options for Solaris ld. 2023-01-18 14:54:20 -07:00
Todd C. Miller
73c52e731a Limit some of the hardening tests to compilers that define __GNUC__. 
This should avoid false positives on other compilers.
 2023-01-18 14:39:52 -07:00
Todd C. Miller
7ff70c09fe Update expected plugin version. 2023-01-18 13:53:33 -07:00
Todd C. Miller
0865e61d9e Pass back the number of files to edit when using sudoedit. 
The sudo front-end can use this to determine where the list of files
to edit begins.
 2023-01-18 13:38:15 -07:00
Todd C. Miller
334daf92b3 Escape control characters in log messages and "sudoreplay -l" output. 
The log message contains user-controlled strings that could include
things like terminal control characters.  Space characters in the
command path are now also escaped.

Command line arguments that contain spaces are surrounded with
single quotes and any literal single quote or backslash characters
are escaped with a backslash.  This makes it possible to distinguish
multiple command line arguments from a single argument that contains
spaces.

Issue found by Matthieu Barjole and Victor Cutillas of Synacktiv
(https://synacktiv.com).
 2023-01-18 08:21:34 -07:00
Todd C. Miller
77557f8f19 Merge in sudo 1.9.12p2 changes. 2023-01-18 08:21:25 -07:00
trackers-love
326f013cfa Return value does not match 2023-01-17 12:24:45 +08:00
Todd C. Miller
3726e38394 Stop using 8n width in tagged lists. 
Use either 4n, when the body is expected to wrap or the width of
the longest tag when no wrapping is expected.
 2023-01-16 08:53:35 -07:00
Todd C. Miller
0814749132 Use -width Ds for the options list, not -width Fl. 2023-01-16 08:29:39 -07:00
Todd C. Miller
a7e8a20d0d Reduce the offset of bullet lists to 1n. 2023-01-16 08:15:46 -07:00
Todd C. Miller
1eae385af1 Shorten --with-passprompt and --with-mailsubject arguments to a single word. 
The script that generates the web version of this file doesn't
expect options to include whitespace.
 2023-01-16 07:51:47 -07:00
Todd C. Miller
f0665166bd Shorten --with-badpass-message argument to a single word. 
The fix_install script can't deal with whitespace in options.
 2023-01-15 17:53:09 -07:00
Todd C. Miller
e5634ae991 Make numbered lists more markdown-friendly. 
Also add line breaks when there are multiple authors.
 2023-01-15 16:48:38 -07:00
Todd C. Miller
49ad30efa3 Make lists of directories more markdown-friendly. 2023-01-15 16:34:06 -07:00
Todd C. Miller
6725c37e3c Check for errors when removing the temp directory. 
If we cannot remove the directory tree that may indicate a file or
directory mode problem.
 2023-01-12 19:20:17 -07:00
Todd C. Miller
8d7feb76ed iolog_mkdtemp: fix pasto in last commit 
Set mode to iolog_dirmode, not iolog_filemode
 2023-01-12 19:15:22 -07:00
Todd C. Miller
0274a4f3b4 sudoedit: do not permit editor arguments to include "--" (CVE-2023-22809) 
We use "--" to separate the editor and arguments from the files to edit.
If the editor arguments include "--", sudo can be tricked into allowing
the user to edit a file not permitted by the security policy.
Thanks to Matthieu Barjole and Victor Cutillas of Synacktiv
(https://synacktiv.com) for finding this bug.
 2023-01-12 15:55:27 -07:00
Todd C. Miller
a960d2c45f Add back the linker check for -fstack-clash-protection. 
This is expected to fix GitHub issue #231.
 2023-01-17 16:19:29 -07:00
Todd C. Miller
0b2f9cbe7c In SHA256Pad and SHA512Pad use 511 and 1023 respectively for bitwise AND. 
Previously we were using 504 and 1016 which still produces the
correct result since padding is done in 8-bit bytes.  However, using
size-1 for the bitwise AND makes the intent clearer and likely would
have prevented the previous bug in SHA512Pad.
From Matthieu Barjole and Victor Cutillas of Synacktiv (https://synacktiv.com)
 2023-01-09 14:37:47 -07:00