mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity

direct_exec_allowed: don't allow for intercept or log_subcmds

Browse Source
This commit is contained in:
Todd C. Miller 2025-08-07 20:36:59 -06:00
parent f8ea98938b
commit c37eb11db8
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/exec.c
View File

@ -408,8 +408,11 @@ direct_exec_allowed(const struct command_details *details)
debug_decl(direct_exec_allowed, SUDO_DEBUG_EXEC);
/* Assumes sudo_needs_pty() was already checked. */
if (ISSET(details->flags, CD_RBAC_ENABLED|CD_SET_TIMEOUT|CD_SUDOEDIT) ||
policy_plugin.u.policy->close != NULL)
if (policy_plugin.u.policy->close != NULL)
debug_return_bool(false);
if (ISSET(details->flags, CD_RBAC_ENABLED|CD_SET_TIMEOUT|CD_SUDOEDIT))
debug_return_bool(false);
if (ISSET(details->flags, CD_INTERCEPT|CD_LOG_SUBCMDS))
debug_return_bool(false);
TAILQ_FOREACH(plugin, &audit_plugins, entries) {