We now create the LogHandler class for each interpreter in
python_plugin_init() instead of just once in sudo_module_init().
This fixes the crash seen in Py_EndInterpreter() with Python 3.12
and significantly reduces the number of leaked objects tracked by
MemorySanitizer.
--HG--
branch : 1.9
In sudo_module_set_default_loghandler() if we don't leak the reference
to py_loghandler we get a crash in Py_EndInterpreter() with Python
3.12. This probably indicates a reference counting bug elsewhere.
--HG--
branch : 1.9
We should only match a rule with an empty runas user if a group was
specified on the command line (sudo -g) without a user (no -u option)
or the user specified their own name on the command line.
GitHub issue #290
We should only match a rule with an empty runas user if a group was
specified on the command line (sudo -g) without a user (no -u option)
or the user specified their own name on the command line.
GitHub issue #290
--HG--
branch : 1.9
This fixes a problem with "stair-stepped" output when the sudo-run
command's output is piped to another program and the command reads
input from the terminal.
This fixes a problem with "stair-stepped" output when the sudo-run
command's output is piped to another program and the command reads
input from the terminal.
--HG--
branch : 1.9
Add cmnd_foreground flag that is only true if sudo is the foreground
process and the CD_EXEC_BG flag is not set and pass it to exec_monitor().
This means exec_monitor() no longer needs to check for CD_EXEC_BG.
Add cmnd_foreground flag that is only true if sudo is the foreground
process and the CD_EXEC_BG flag is not set and pass it to exec_monitor().
This means exec_monitor() no longer needs to check for CD_EXEC_BG.
--HG--
branch : 1.9
The NULL check was commented out for testing but should have been
restored. Fixes a potential protocol error message from sudo_logsrvd.
--HG--
branch : 1.9
This is more portable and eliminates the need to check for SYMLOOP_MAX
(and provide it if missing) in configure. Also quiet some -Wconversion
warnings.
The sudoers file must now explicitly allow the user to specify a
directory (sudo -D) or chroot (sudo -R) by setting cwd or chroot
to "*". If a specific cwd or chroot value is set in sudoers, the
user may not use the -D or -R options, even if they match the value
in sudoers.
In most cases, these simply expand to a call to sudo_debug_printf2().
We need to keep the function versions around in libsudo_util for
backwards compatibility.
