Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/sudo-project/sudo
Utility to execute a command as another user
https://github.com/sudo-project/sudo
71e496a901293dc6e8be0e8d80b09a67cbbddf4e authored over 7 years ago by Todd C. Miller <[email protected]>
the process name contains spaces. Since the user has control over
the command name this could be...
20a0fa12848ee4ff69153da83e0e7ad6cd4ae23f authored over 7 years ago by Todd C. Miller <[email protected]>
b2770313c6d67eb9460b78470b4fdcaf07902dff authored over 7 years ago by Todd C. Miller <[email protected]>
f794de95030b597d3b359f1f6699c8f1bcec1064 authored over 7 years ago by Todd C. Miller <[email protected]>
b53a531cc9383bcf9198b59893c259c8a2dfd698 authored over 7 years ago by Todd C. Miller <[email protected]>
instead of CMD_ERRNO or CMD_WSTATUS.
ad8c1ae07ab2d248b03eeaa5b23f1092744c787a authored over 7 years ago by Todd C. Miller <[email protected]>poorly written '*' matching.
47df575f68e4318dda9384e670bba0897549c116 authored over 7 years ago by Todd C. Miller <[email protected]>visisble, we need termios.h too.
c91b6777d3d8fbfa65d016857fa36ecabff848f6 authored over 7 years ago by Todd C. Miller <[email protected]>ea9120ee248a42be3eb2617cb094288615b305c8 authored over 7 years ago by Todd C. Miller <[email protected]>
to exec.c.
6a8eaef4b853b6749da106ab00e2fd96bec317f9 authored over 7 years ago by Todd C. Miller <[email protected]>befa862f75918141ab75b88e3c0777aa0439d203 authored over 7 years ago by Todd C. Miller <[email protected]>
f60030b903965c223a8e79dbbdda387b777d066b authored over 7 years ago by Todd C. Miller <[email protected]>
d979898e71f1738eb4325a0da8705cac9119be3c authored over 7 years ago by Todd C. Miller <[email protected]>
7db97c7835086a981c997122998901b4477d53f4 authored over 7 years ago by Todd C. Miller <[email protected]>
1dc39e9d995a8c9363003b589b271067709604a0 authored over 7 years ago by Todd C. Miller <[email protected]>
a842913aa7f0faa586f925775f11fbaa71095635 authored over 7 years ago by Todd C. Miller <[email protected]>
9c3783a175535230a63f5b22d8ccdc6c1fc5fb2e authored over 7 years ago by Todd C. Miller <[email protected]>
2a558087750eaf39929684c5c427495629ae87e4 authored over 7 years ago by Todd C. Miller <[email protected]>
handler being NULL.
9d4a92b9b49ab9129596ce4cd29c79fafa790b99 authored over 7 years ago by Todd C. Miller <[email protected]>signal_pipe explicitly.
1186f3984278df8d392f95cdc9f97afed4653730 authored over 7 years ago by Todd C. Miller <[email protected]>b5c88e52b15e11866c5f8acaaf9802024cdb45a1 authored over 7 years ago by Todd C. Miller <[email protected]>
e453c9797601229d2a0faab4476148c40a151d53 authored over 7 years ago by Todd C. Miller <[email protected]>
Otherwise, it is possible for the command to exit before the SIGCHLD
handler is installed. POSIX...
entries.
17514b55ea3a8c1a3d10f194e56e68133e20597d authored over 7 years ago by Todd C. Miller <[email protected]>and call signal_pipe_cb() directly if the backend returns EINTR
and the signal_caught flag is set...
and TAILQ_REMOVE.
a2a83557e270debd72eb6dde5afce83b82684bd9 authored over 7 years ago by Todd C. Miller <[email protected]>246ed8777d9dce4f5eccc0451b277be1e5e3bfb3 authored over 7 years ago by Todd C. Miller <[email protected]>
0244f931dd167a0e7f7dbf0c6b6eb1747bdaa51d authored over 7 years ago by Todd C. Miller <[email protected]>
75f5f4934f5401bf3fb608a0d21849c36975c333 authored over 7 years ago by Todd C. Miller <[email protected]>
specified directory and, when parsing of those files is complete,
returns control to the original...
93c029f4f9cfca217d922b700f6b2b1c13ebdf46 authored over 7 years ago by Todd C. Miller <[email protected]>
6f3cc3f10746cfa2e1b4e61d4d6df4646971fc04 authored over 7 years ago by Todd C. Miller <[email protected]>
until after we have the controlling tty.
e18a5c7d74ad4a73e571898bfc7e31b7f98f8277 authored over 7 years ago by Todd C. Miller <[email protected]>ourselves with a pipe if the plugin will actually log the data.
This avoids a problem with non-in...
62730d13da406c1e2a1c03eb111293930984fdf9 authored over 7 years ago by Todd C. Miller <[email protected]>
01228b735dc446b6501ab2a988ae434a02edda57 authored over 7 years ago by Todd C. Miller <[email protected]>
use the default label instead of 1 for the success case. It is
only reading a single byte so the...
1a047b156d0da64f89306bff927e92ee461d02f4 authored over 7 years ago by Todd C. Miller <[email protected]>
open(2) fails with EACCES. Use io_open() instead of duplicate
copies of the same fallback code.
8757691fc7637fe8ac8c595d5cd9dc4b1e5e578a authored over 7 years ago by Todd C. Miller <[email protected]>
237eddd95ebf97ff7918350e140afb5c044cdd4a authored over 7 years ago by Todd C. Miller <[email protected]>
32ebb4a3836db3422f68d789383f774b7e763f3e authored over 7 years ago by Todd C. Miller <[email protected]>
280d5ac69111f0a6d1a6ed44c0bc05c8776caf66 authored over 7 years ago by Todd C. Miller <[email protected]>
but only run it if not cross compiling and whe CHECK_NOEXEC is not
empty.
ecbf895097fce3a0b3f1a6f3a0a671d80d08d426 authored over 7 years ago by Todd C. Miller <[email protected]>
syslog_badpri to the "Strings at can be used in a boolean context" section.
8468f13c69967622821dc7165b2f6c9ba214d088 authored over 7 years ago by Todd C. Miller <[email protected]>d9bfaa386e7d09a95425ac092507dcbc15c6267b authored over 7 years ago by Todd C. Miller <[email protected]>
c3796655568cd18806569d1a99e8cf5577d1df8b authored over 7 years ago by Todd C. Miller <[email protected]>
context and use the compiled in default log facility in this case.
2d8717bdd2bd237a98b28f20a5af369709f89717 authored over 7 years ago by Todd C. Miller <[email protected]>refactor of set_default_entry() in sudo 1.8.18.
631d458b6fc7341363a121c390e086cf676ecc83 authored over 7 years ago by Todd C. Miller <[email protected]>how sudo handles the environment instead.
ddf1fa16f8ec4d45fb40f9e6026a1cbc70251d32 authored over 7 years ago by Todd C. Miller <[email protected]>See https://research.swtch.com/glob
Adapted from https://perl5.git.perl.org/perl.git/commit/33252...
a signal. Sudo will terminate itself with the same signal the
command died from. Unfortunately,...
to 0. This will prevent sudo itself from dumping core in this case.
f57629c95308cb87da059c37722bb8b65217f318 authored over 7 years ago by Todd C. Miller <[email protected]>f0425ca81315b4d42a3f3894678dcded4aa5f86c authored over 7 years ago by Todd C. Miller <[email protected]>
signal to itself so the parent shell knows the command died from
a signal. However, we don't wan...
2d13bf3562f58a5d2a5a59567bef2f279fa21725 authored over 7 years ago by Todd C. Miller <[email protected]>
exit status being 0 when a command was killed by a signal other
than SIGINT. This fixes the sign...
2180eab1f9d9b3a7f1b2291c44ec537488d54715 authored over 7 years ago by Todd C. Miller <[email protected]>
DESTDIR is generally only set when installing to a temporary
directory for packaging in which cas...
and copy it to /etc/sudoers if there is no existing /etc/sudoers.
Packages either contain /etc/su...
495931f4a86c993a807b938fb366227a5617dcc8 authored over 7 years ago by Todd C. Miller <[email protected]>
f7df250625565969c8146239ef77cd2028c4c6f8 authored over 7 years ago by Todd C. Miller <[email protected]>
11c82e2f1bd0cc6cd89612ec5c799f68142b5750 authored over 7 years ago by Todd C. Miller <[email protected]>
18c8ce10ea2eaebdcd7556382a1e783666bf2d15 authored over 7 years ago by Todd C. Miller <[email protected]>
The llvm checker gets confused by TAILQ_REMOVE and generate
use-after-free false positives.
c60259bd637fa1186d2d5279bdb61c229d27fdb7 authored over 7 years ago by Todd C. Miller <[email protected]>
c2176c32a723db9dfce96c607459490ca5c5dbaa authored over 7 years ago by Todd C. Miller <[email protected]>
6e75179528ee300c4c4be53a18de1284f5586245 authored over 7 years ago by Todd C. Miller <[email protected]>
f3daaba1c4f716220a58189b6bf210ea8ed57e3b authored over 7 years ago by Todd C. Miller <[email protected]>
value is present in sssd.conf.
583fac17ea52b59b0e85e998fe05f4d604ec8f19 authored over 7 years ago by Todd C. Miller <[email protected]>It would be nicer to just provide getgrouplist_2() (or the equivalent)
and avoid the ugly #ifdefs.
871b912f46e06b3c233e58f3a8138263ffe2cd2a authored over 7 years ago by Todd C. Miller <[email protected]>
7c63dbf65e9e8af24674521a766c9d2288694d3e authored over 7 years ago by Todd C. Miller <[email protected]>
ENOENT before returning.
d989f8af30fe812bc87fc51f6e58c64c5baea17b authored over 7 years ago by Todd C. Miller <[email protected]>in sudoers are looked up by group name instead of group ID. This
doesn't usually cause problems,...
f7251f806ce134717f3ab78df865165c54cde62d authored over 7 years ago by Todd C. Miller <[email protected]>
491e6ae9fc13c657752aef7c01250297e145e920 authored over 7 years ago by Todd C. Miller <[email protected]>
SIGINT or SIGQUIT before executing the command.
c6f9f06c45bae0de6240f1555c6d771d9fbb9222 authored over 7 years ago by Todd C. Miller <[email protected]>ec5b78335f2bb3a4d4a1c0c88be805c6f7d27bb9 authored over 7 years ago by Todd C. Miller <[email protected]>
04d83c41c716e663d644f00abea2cf92b9c86d12 authored over 7 years ago by Todd C. Miller <[email protected]>
underlying SHA2 functions. That way we can test it regardless of
whether we use sudo's SHA2 func...
fdexec.
272a9c8e9b5b74ddce0e945689c46d1384be0db6 authored over 7 years ago by Todd C. Miller <[email protected]>ba15306c97e5c22ce2c13c6e16373194cfbaf20a authored over 7 years ago by Todd C. Miller <[email protected]>
a58c7d7db54dcb18413e634cbf9ffbc7b7da00d9 authored over 7 years ago by Todd C. Miller <[email protected]>
7f2633807194e46d713d474719203928f0d6c139 authored over 7 years ago by Todd C. Miller <[email protected]>
Also always use PERM_IOLOG for mkdtemp() since we cannot retry
if it fails. Since we are guarant...
31b16fd3e98b21fac834cdd654b0076f5b95518f authored over 7 years ago by Todd C. Miller <[email protected]>
same restrictions as the user's own environment.
b3af85ddc83fe0043296671622bfb82001d75f9f authored over 7 years ago by Todd C. Miller <[email protected]>4621e43676315667664bf3768ce0dfe3fdc2f9b1 authored over 7 years ago by Todd C. Miller <[email protected]>
8d1e994d849ab2201ce17b9a5b9075610935fc34 authored over 7 years ago by Todd C. Miller <[email protected]>
7f1fa00be9663c70210a1d1de21182d5fbb514f9 authored over 7 years ago by Todd C. Miller <[email protected]>
mode after the fact. This is slightly less error prone.
7668b4b42bd04cd99178c1c80260860910946ac0 authored over 7 years ago by Todd C. Miller <[email protected]>2a37590b7debc48feb876cf9d95a5495f7350635 authored over 7 years ago by Todd C. Miller <[email protected]>
newly-created ones.
2caddff3f995e3b68c251f99bbdac3053db22666 authored over 7 years ago by Todd C. Miller <[email protected]>affected by the invoking user's umask.
1bd90d8fffb37f818c859cadabc1b0ba635e3c05 authored over 7 years ago by Todd C. Miller <[email protected]>filesystem where root is remapped to an unprivileged user.
8d57491dc1c923d585cf48e6b21cbec83e768677 authored over 7 years ago by Todd C. Miller <[email protected]>cfb15106e34ff990a97fca3c9bfb08cc3938abc5 authored over 7 years ago by Todd C. Miller <[email protected]>
a1322d7dd9ac45d55240b7bbe3ca7a266f28f0e4 authored over 7 years ago by Todd C. Miller <[email protected]>