From 63e7aa99423b60f5a85a9325e57e27efcd5887be Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Thu, 30 Jan 2014 16:15:03 -0700
Subject: [PATCH] Fix checking of lecture status.

---
 plugins/sudoers/timestamp.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c
index c5c9e0343..c14db3dd7 100644
--- a/plugins/sudoers/timestamp.c
+++ b/plugins/sudoers/timestamp.c
@@ -503,20 +503,21 @@ done:
 bool
 already_lectured(int unused)
 {
-    char lecture_status[PATH_MAX];
+    char status_file[PATH_MAX];
     struct stat sb;
     int len;
     debug_decl(already_lectured, SUDO_DEBUG_AUTH)
 
-    len = snprintf(lecture_status, sizeof(lecture_status), "%s/%s",
-	def_lecture_status_dir, user_name);
-    if (len <= 0 || (size_t)len >= sizeof(lecture_status)) {
-	log_fatal(0, N_("lecture status path too long: %s/%s"),
+    if (ts_secure_dir(def_lecture_status_dir, false)) {
+	len = snprintf(status_file, sizeof(status_file), "%s/%s",
 	    def_lecture_status_dir, user_name);
+	if (len <= 0 || (size_t)len >= sizeof(status_file)) {
+	    log_fatal(0, N_("lecture status path too long: %s/%s"),
+		def_lecture_status_dir, user_name);
+	}
+	debug_return_bool(stat(status_file, &sb) == 0);
     }
-
-    debug_return_bool(ts_secure_dir(def_lecture_status_dir, false) &&
-	stat(lecture_status, &sb) == 0);
+    debug_return_bool(false);
 }
 
 /*