From 491b4495f56195edd2f15ef148293e6d328a66a5 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 31 Jan 2012 16:24:57 -0500 Subject: [PATCH] Fix the sudoers permission check when the expected sudoers mode is owner-writable. --- plugins/sudoers/sudoers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index fc6535842..168b23307 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -978,7 +978,7 @@ open_sudoers(const char *sudoers, bool doedit, bool *keepopen) log_error(USE_ERRNO|NO_EXIT, _("unable to stat %s"), sudoers); else if (!S_ISREG(statbuf.st_mode)) log_error(NO_EXIT, _("%s is not a regular file"), sudoers); - else if ((statbuf.st_mode & 07577) != sudoers_mode) + else if ((statbuf.st_mode & 07577) != (sudoers_mode & 07577)) log_error(NO_EXIT, _("%s is mode 0%o, should be 0%o"), sudoers, (unsigned int) (statbuf.st_mode & 07777), (unsigned int) sudoers_mode);