mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity
12,911 Commits 6 Branches 326 Tags
Commit Graph

12911 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
9d49f861c8 Run igor on other docs too, not just man pages 2024-10-28 09:33:23 -06:00
Todd C. Miller
5180dd8021 Remove trailing whitespace 2024-10-28 09:23:42 -06:00
Ikko Eltociear Ashimine
28df79a24b docs: update NEWS 
minor fix
 2024-10-28 08:57:15 -06:00
Todd C. Miller
17aa7688c9 sudo_pam_verify: move PAM_USER after getpass_error check 
Move it into the PAM_SUCCESS case of the switch *pam_status switch.
 2024-10-05 16:49:39 -06:00
Todd C. Miller
52c73b8f51 Fix indentation 2024-10-05 14:32:26 -06:00
Marco Trevisan (Treviño)
a68e821ef9 plugins/pam: Check the user didn't change during PAM transaction 
PAM modules can change the user during their execution, in such case,
sudo would still use the user that has been provided giving potentially
access to another user with the credentials of another one.

So prevent this to happen, by ensuring that the final PAM user is
matching the one which started the transaction
 2024-10-05 11:09:36 -06:00
Célestin Matte
05b5de538b Fix typo in sudoer file comment 2024-09-28 16:52:20 -06:00
Todd C. Miller
f6e1a87be8 Document "--with-secure-path-value=no" 2024-09-21 14:09:44 -06:00
Rose
77672d83c4 Put restrict qualifers in strvec_join function pointer 2024-09-21 14:08:13 -06:00
Andy Fiddaman
131e7e2de0 Allow --secure-path-value=no 
This adds support for --with-secure-path-value=no to allow packagers
to ship the sudoers configuration file with the secure path
line commented out if required.
 2024-09-21 14:03:24 -06:00
Todd C. Miller
ae5cf31a9d Update CIFuzz GitHub action 2024-09-13 12:23:20 -06:00
Todd C. Miller
0cbddb6939 alias_error: display the file and line info for the duplicate alias 
Having the file and line of the previous alias definition should
make it easier to fix duplicate alias errors.
 2024-09-13 11:56:09 -06:00
Todd C. Miller
d001abc8ee On AIX, psinfo.pr_ttydev is 0 when a process has no terminal. 
On most other systems, psinfo.pr_ttydev is -1 for processes
with no associated terminal.  GitHub issue #408
 2024-09-11 16:27:51 -06:00
Ferdinand Bachmann
ce36f01def Add pam_silent setting to sudoers example config 2024-09-09 19:54:46 -06:00
Ferdinand Bachmann
915935ab65 Fix version typo for pam_silent option in sudoers man page 2024-09-09 19:53:43 -06:00
Todd C. Miller
22b320645c Fix the date written used by the exit record in sudo-format log files 
The change to always get the current time when building a struct
evlog in sudoers broke the data and time written for exit records.
This only affected file-based logs, not syslog.  GitHub issue #405.
 2024-09-06 13:05:47 -06:00
Arjen Lentz
f47c88065a Fixed typo in exec_ptrace.c 2024-09-04 08:41:35 -06:00
Todd C. Miller
3e12cacc0f Better test for cross-compiling when checking for C99 snprintf 
We want to avoid calling AX_FUNC_SNPRINTF entirely if cross-compiling
since it is not possible to undo the setting of PREFER_PORTABLE_SNPRINTF.
The previous attempt to do this failed to take into account that
PREFER_PORTABLE_SNPRINTF would still be defined.  GitHub issue #969
 2024-09-02 17:10:19 -06:00
Todd C. Miller
4751a4d2dd Make a ttydev parse error non-fatal for now 
This is new for sudo 1.9.16 so we don't want to break sudo if there
ends up being a bug in formatting dev_t from the front-end.
 2024-08-15 09:31:48 -06:00
Todd C. Miller
6a5a8f58e9 Document that ttydev is formatted as a long long. 2024-08-14 07:56:50 -06:00
Todd C. Miller
cc8c43c4d6 Format ttydev as (signed) long long, not unsigned. 
Now that we parse ttydev as a long long it makes more sense to
format it the same way.  This completely avoids the sign extension
issue on systems where dev_t is signed.
 2024-08-14 07:53:00 -06:00
Todd C. Miller
6b90acbfb7 Fix sign compare warning 
Store the result of asprintf() in an int, not size_t.
 2024-08-13 21:16:38 -06:00
Todd C. Miller
46274e725e Fix formatting of ttydev on systems with signed 32-bit dev_t 
If dev_t is 32-bit and signed, formatting as an unsigned long long
may result in a bogus value due to sign extension.
 2024-08-13 20:07:28 -06:00
Todd C. Miller
f3aa3f1f28 get_process_ttyname() now returns a dev_t, not a string. 2024-08-13 19:52:00 -06:00
Rose
e9e0096a19 Restrict-qualify glob and its functions 
glob is restrict-qualified in the standard
 2024-08-13 13:01:28 -06:00
Rose
82eac2b413 Restrict-qualify sudo_hexchar_v1 
sudo_hexchar_v1 requires an array of at least size-2, and is not aliased.
 2024-08-13 12:54:43 -06:00
Todd C. Miller
827fa8b76d Use sudo_strtonum() instead of strtoull(). 
Fixes building on systems that lack strtoull().  While dev_t is
unsigned on most systems, we can still use sudo_strtonum() here as
long as we allow the full range of values [LLONG_MIN,LLONG_MAX].
We don't use strtoul() here since some 32-bit systems have 64-bit
dev_t.
 2024-08-13 12:43:10 -06:00
Rose
cba5d2a5c9 Use static declaration for array sizes to uuid functions 2024-08-13 12:21:03 -06:00
Todd C. Miller
6f8dfd9686 Include time.h if missing utimensat() or futimens(). 
Now that we declare these as taking a timespec array we cannot get
away with a simple forward declaration.
 2024-08-13 10:19:26 -06:00
Rose
e7483ae8e9 Restrict-qualify stat_multiarch 2024-08-13 09:47:57 -06:00
Rose
7269ee2be8 Replace sudo_stat_plugin with sudo_qualify_plugin, as sudo_stat_plugin does not exist 
sudo_qualify_plugin was probably meant instead.
 2024-08-13 09:45:08 -06:00
Todd C. Miller
e3fd614e7e Sync base64_encode and base64_decode prototypes with parse.h. 2024-08-13 08:09:24 -06:00
Rose Silicon
60b6f30022 Restrict-qualify dst in base64_decode 
Definition restrict qualifies but not declaration in header.
 2024-08-13 08:07:07 -06:00
Rose
f96e6d1340 Use the full definition of the emulated function that is missing 2024-08-12 13:12:38 -06:00
Rose
787a64f514 Use restrict to optimize sudo_uuid_to_string_v1 2024-08-12 13:10:37 -06:00
Rose
818aae38ce Add restrict qualifiers to base64_decode and base64_encode 2024-08-12 10:54:45 -06:00
Rose
85d08e96bd Restrict-qualify iolog_path_escapes like we do with check_iolog_path 
Also add it to the function pointer definition to act as a hint to use restrict in the various copy functions.
 2024-08-12 10:15:21 -06:00
Rose
36cea6e5fd sudo_uuid_to_string_v1's first argument should be const 
uuid is not modified.
 2024-08-12 09:20:05 -06:00
Todd C. Miller
1381a69f59 Use FD_CLOEXEC instead of just 1 2024-08-02 19:48:41 -06:00
Todd C. Miller
f6064b04c3 Mention --with-secure-path-value configure option 2024-07-28 16:13:01 -06:00
Todd C. Miller
e24737eac9 Add --with-secure-path-value option 
This can be used by package maintainers to set the value of secure_path
that is substituted into the default sudoers file.
 2024-07-28 15:44:07 -06:00
Todd C. Miller
986fdec537 Rename secure_path_set -> secure_path_status 2024-07-28 15:11:42 -06:00
Todd C. Miller
a5f5ceecf1 regen 2024-07-28 15:13:05 -06:00
Todd C. Miller
cb2457410a Updated translations from translationproject.org 2024-07-27 10:17:59 -06:00
Todd C. Miller
200af679dc Add sudo_logsrv.proto manual cross-reference. 2024-07-14 18:55:21 -06:00
Todd C. Miller
9837fa1413 Late changes for 1.9.16 2024-07-07 14:10:08 -06:00
Todd C. Miller
920710b186 If cross-compiling with a C99 compiler, assume snprintf is compliant. 
This is a better default than assuming it is not compliant (the
previous behavior) when cross-compiling.  These days it is rare for
sudo to be built on pre-C99 systems.  GitHub issue #969
 2024-07-02 19:55:29 -06:00
Todd C. Miller
fc051ceff5 Reference schema.IBM_LDAP. 2024-06-25 20:14:21 -06:00
Todd C. Miller
b2af245b31 Updated translations from translationproject.org 2024-06-25 20:08:49 -06:00
Todd C. Miller
e97060d2f5 Add schema for IBM Directory Server in LDIF format. 
GitHub issue #384
 2024-06-25 19:54:09 -06:00