mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-29 13:28:10 +00:00
Code Issues Releases Wiki Activity

commands can start with ./* not just /* -- fixes a serious security hole.

Browse Source
This commit is contained in:
Todd C. Miller 1998-01-13 04:10:08 +00:00
parent 07e09b16f2
commit ab9b352455
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
parse.c
View File

@ -218,7 +218,7 @@ int command_matches(cmnd, user_args, path, sudoers_args)
static char *c; static char *c;
/* don't bother with pseudo commands like "validate" */ /* don't bother with pseudo commands like "validate" */
if (*cmnd != '/') if (*cmnd != '/' && *cmnd != '.')
return(FALSE); return(FALSE);
/* only need to stat cmnd once since it never changes */ /* only need to stat cmnd once since it never changes */