mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-09-02 07:15:27 +00:00
Code Issues Releases Wiki Activity

Unset "secure_path" if user_is_exempt()

Browse Source
This commit is contained in:
Todd C. Miller
2001-12-14 06:26:55 +00:00
parent 2cbd965d63
commit f590093e46
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
find_path.c
View File

@@ -104,7 +104,7 @@ find_path(infile, outfile, path)
} }
/* Use PATH passed in unless SECURE_PATH is in effect. */ /* Use PATH passed in unless SECURE_PATH is in effect. */
if (def_str(I_SECURE_PATH) && !user_is_exempt()) if (def_str(I_SECURE_PATH))
path = def_str(I_SECURE_PATH); path = def_str(I_SECURE_PATH);
else if (path == NULL) else if (path == NULL)
return(NOT_FOUND); return(NOT_FOUND);

6
sudo.c
View File

@@ -245,6 +245,12 @@ main(argc, argv, envp)
/* Validate the user but don't search for pseudo-commands. */ /* Validate the user but don't search for pseudo-commands. */
validated = sudoers_lookup(pwflag); validated = sudoers_lookup(pwflag);
/* Exempt users aren't affected by secure paths. */
if (user_is_exempt() && def_str(I_SECURE_PATH)) {
free(def_str(I_SECURE_PATH));
def_str(I_SECURE_PATH) = NULL;
}
/* /*
* Look up runas user passwd struct. If we are given a uid then * Look up runas user passwd struct. If we are given a uid then
* there may be no corresponding passwd(5) entry (which is OK). * there may be no corresponding passwd(5) entry (which is OK).