Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/sudo-project/sudo

Utility to execute a command as another user
https://github.com/sudo-project/sudo

Sudo 1.8.20p1

71e496a901293dc6e8be0e8d80b09a67cbbddf4e authored over 7 years ago by Todd C. Miller <[email protected]>
Fix for CVE-2017-1000367, parsing of /proc/pid/stat on Linux when
the process name contains spaces. Since the user has control over
the command name this could be...

b3fe46ce6534ebcb6fb0e91d24ac4d387f315445 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix potential memory leak on reallocarray() error. Coverity CID 169639

20a0fa12848ee4ff69153da83e0e7ad6cd4ae23f authored over 7 years ago by Todd C. Miller <[email protected]>
Only fall back to deprecated getaudit() on FreeBSD. Fixes compiler warnings on macOS.

b2770313c6d67eb9460b78470b4fdcaf07902dff authored over 7 years ago by Todd C. Miller <[email protected]>
Use clang on macOS if present

f794de95030b597d3b359f1f6699c8f1bcec1064 authored over 7 years ago by Todd C. Miller <[email protected]>
fix paths to LICENSE and NEWS files for macOS packages

b53a531cc9383bcf9198b59893c259c8a2dfd698 authored over 7 years ago by Todd C. Miller <[email protected]>
To avoid overwriting existing command status, check for CMD_INVALID
instead of CMD_ERRNO or CMD_WSTATUS.

ad8c1ae07ab2d248b03eeaa5b23f1092744c787a authored over 7 years ago by Todd C. Miller <[email protected]>
Add some patterns that could result in exponential run time for
poorly written '*' matching.

47df575f68e4318dda9384e670bba0897549c116 authored over 7 years ago by Todd C. Miller <[email protected]>
On HP-UX 11.0, sys/ioctl.h is not sufficient to make struct winsize
visible, we need termios.h too.

c91b6777d3d8fbfa65d016857fa36ecabff848f6 authored over 7 years ago by Todd C. Miller <[email protected]>
Always used TIOCGWINSZ.

ea9120ee248a42be3eb2617cb094288615b305c8 authored over 7 years ago by Todd C. Miller <[email protected]>
Move exec_setup(), unlimit_nproc() and restore_nproc() from sudo.c
to exec.c.

6a8eaef4b853b6749da106ab00e2fd96bec317f9 authored over 7 years ago by Todd C. Miller <[email protected]>
No need to include selinux.h here.

befa862f75918141ab75b88e3c0777aa0439d203 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix compilation error on macOS

f60030b903965c223a8e79dbbdda387b777d066b authored over 7 years ago by Todd C. Miller <[email protected]>
Remove use of non-standard sigaction_t

d979898e71f1738eb4325a0da8705cac9119be3c authored over 7 years ago by Todd C. Miller <[email protected]>
Avoid a clang analyzer false positive.

7db97c7835086a981c997122998901b4477d53f4 authored over 7 years ago by Todd C. Miller <[email protected]>
Add cov-build and cov-submit targets for checking with coverity.

1dc39e9d995a8c9363003b589b271067709604a0 authored over 7 years ago by Todd C. Miller <[email protected]>
Use debug logging instead of ignore_result() where possible.

a842913aa7f0faa586f925775f11fbaa71095635 authored over 7 years ago by Todd C. Miller <[email protected]>
sudo 1.8.21

9c3783a175535230a63f5b22d8ccdc6c1fc5fb2e authored over 7 years ago by Todd C. Miller <[email protected]>
Add support for signal events in sudo's event subsystem

2a558087750eaf39929684c5c427495629ae87e4 authored over 7 years ago by Todd C. Miller <[email protected]>
Handle the possibility of the siginfo parameter in sa_sigaction
handler being NULL.

9d4a92b9b49ab9129596ce4cd29c79fafa790b99 authored over 7 years ago by Todd C. Miller <[email protected]>
Use SUDO_EV_SIGNAL and SUDO_EV_SIGINFO instead of managing the
signal_pipe explicitly.

1186f3984278df8d392f95cdc9f97afed4653730 authored over 7 years ago by Todd C. Miller <[email protected]>
Remove use of the non-standard SA_INTERRUPT

b5c88e52b15e11866c5f8acaaf9802024cdb45a1 authored over 7 years ago by Todd C. Miller <[email protected]>
Restore the error message for sudo_ev_add() failure.

e453c9797601229d2a0faab4476148c40a151d53 authored over 7 years ago by Todd C. Miller <[email protected]>
Add SIGCHLD to the list of signals we install sudo_handler() for.

Otherwise, it is possible for the command to exit before the SIGCHLD
handler is installed. POSIX...

15790b69c2ea6ba509403b34de4152dd2f066e6c authored over 7 years ago by Todd C. Miller <[email protected]>
Add support for multiple '*' in env_keep, env_check and env_delete
entries.

17514b55ea3a8c1a3d10f194e56e68133e20597d authored over 7 years ago by Todd C. Miller <[email protected]>
Activate the sigevents inside the signal pipe callback itself
and call signal_pipe_cb() directly if the backend returns EINTR
and the signal_caught flag is set...

95e92bfe4e3a986947b3994ac7374d7fbce3a2cc authored over 7 years ago by Todd C. Miller <[email protected]>
Add workaround for clang static analyzer being confused by LIST_REMOVE
and TAILQ_REMOVE.

a2a83557e270debd72eb6dde5afce83b82684bd9 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix "make check" when openssl or gcrypt is used. Bug #787

246ed8777d9dce4f5eccc0451b277be1e5e3bfb3 authored over 7 years ago by Todd C. Miller <[email protected]>
Only display string version of errno if sudo_ev_add() fails for now

0244f931dd167a0e7f7dbf0c6b6eb1747bdaa51d authored over 7 years ago by Todd C. Miller <[email protected]>
update

75f5f4934f5401bf3fb608a0d21849c36975c333 authored over 7 years ago by Todd C. Miller <[email protected]>
Be clear that #includedir diverts control to the files in the
specified directory and, when parsing of those files is complete,
returns control to the original...

e51831fab36f88bc9ccf4e6ab7987d8e84a233c2 authored over 7 years ago by Todd C. Miller <[email protected]>
sync with translationproject.org

93c029f4f9cfca217d922b700f6b2b1c13ebdf46 authored over 7 years ago by Todd C. Miller <[email protected]>
update

6f3cc3f10746cfa2e1b4e61d4d6df4646971fc04 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix a hang introduced in the last commit. Don't close the pty slave
until after we have the controlling tty.

e18a5c7d74ad4a73e571898bfc7e31b7f98f8277 authored over 7 years ago by Todd C. Miller <[email protected]>
If any of std{in,out,err} are not hooked up to a tty only interpose
ourselves with a pipe if the plugin will actually log the data.
This avoids a problem with non-in...

44dc15d02dc0b34bf03bc971ba08d3a761c3a031 authored over 7 years ago by Todd C. Miller <[email protected]>
update

62730d13da406c1e2a1c03eb111293930984fdf9 authored over 7 years ago by Todd C. Miller <[email protected]>
Update based on information from Michael Felt.

01228b735dc446b6501ab2a988ae434a02edda57 authored over 7 years ago by Todd C. Miller <[email protected]>
In check_input() when switch()ing on the return value of read(),
use the default label instead of 1 for the success case. It is
only reading a single byte so the...

4e67ac56bd346152903cf023d5b2fe712eb99306 authored over 7 years ago by Todd C. Miller <[email protected]>
Check sudo_ev_add() return value. Coverity CID 168362

1a047b156d0da64f89306bff927e92ee461d02f4 authored over 7 years ago by Todd C. Miller <[email protected]>
Add io_open() wrapper for open(2) that retries with PERM_IOLOG if
open(2) fails with EACCES. Use io_open() instead of duplicate
copies of the same fallback code.

1d1ebb611124bb354ed6bc28711b6147c14f1692 authored over 7 years ago by Todd C. Miller <[email protected]>
Don't retry the open() if set_perms() fails.

8757691fc7637fe8ac8c595d5cd9dc4b1e5e578a authored over 7 years ago by Todd C. Miller <[email protected]>
Fix typo (fd2 vs. fd) caught by coverity, CID 168359.

237eddd95ebf97ff7918350e140afb5c044cdd4a authored over 7 years ago by Todd C. Miller <[email protected]>
sync with translationproject.org

32ebb4a3836db3422f68d789383f774b7e763f3e authored over 7 years ago by Todd C. Miller <[email protected]>
Warn people not to use --enable-asan in production.

280d5ac69111f0a6d1a6ed44c0bc05c8776caf66 authored over 7 years ago by Todd C. Miller <[email protected]>
Move the invocation of check_noexec into the main "check" target
but only run it if not cross compiling and when CHECK_NOEXEC is not
empty.

80f8960fc67711f80f12820532070acd9be8df97 authored over 7 years ago by Todd C. Miller <[email protected]>
Move @CHECK_NOEXEC@ to TEST_PROGS so it gets cleaned up properly.

ecbf895097fce3a0b3f1a6f3a0a671d80d08d426 authored over 7 years ago by Todd C. Miller <[email protected]>
Move syslog_maxlen to the "Integers" section. Move syslog_goodpri and
syslog_badpri to the "Strings that can be used in a boolean context" section.

8468f13c69967622821dc7165b2f6c9ba214d088 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix a pasto that resulted in an extra (empty) syslog_goodpri list entry.

d9bfaa386e7d09a95425ac092507dcbc15c6267b authored over 7 years ago by Todd C. Miller <[email protected]>
Add tests for parsing tuples and syslog options.

c3796655568cd18806569d1a99e8cf5577d1df8b authored over 7 years ago by Todd C. Miller <[email protected]>
Allow the syslog Defaults option to be used in a "true" boolean
context and use the compiled in default log facility in this case.

2d8717bdd2bd237a98b28f20a5af369709f89717 authored over 7 years ago by Todd C. Miller <[email protected]>
Allow a tuple to be set to boolean true. Regression introduced by
refactor of set_default_entry() in sudo 1.8.18.

631d458b6fc7341363a121c390e086cf676ecc83 authored over 7 years ago by Todd C. Miller <[email protected]>
Replace the list of "dangerous" environment variables and explain
how sudo handles the environment instead.

ddf1fa16f8ec4d45fb40f9e6026a1cbc70251d32 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix exponential behavior in glob() with respect to multiple '*'.

See https://research.swtch.com/glob
Adapted from https://perl5.git.perl.org/perl.git/commit/33252...

6af6f846709403e80ef848a282f03150e54cd113 authored over 7 years ago by Todd C. Miller <[email protected]>
We no longer need to write to the tty if the command was killed by
a signal. Sudo will terminate itself with the same signal the
command died from. Unfortunately,...

dab8651ed21b3047d43beb597bf5bb9c0b699486 authored over 7 years ago by Todd C. Miller <[email protected]>
On Linux, if the command we ran dumped core, set PR_SET_DUMPABLE
to 0. This will prevent sudo itself from dumping core in this case.

f57629c95308cb87da059c37722bb8b65217f318 authored over 7 years ago by Todd C. Miller <[email protected]>
Update path to sudo_noexec.so

f0425ca81315b4d42a3f3894678dcded4aa5f86c authored over 7 years ago by Todd C. Miller <[email protected]>
If the command terminated due to a signal, sudo will send that same
signal to itself so the parent shell knows the command died from
a signal. However, we don't wan...

91aec9730e46e1a185d0cedd5552f47c985864cf authored over 7 years ago by Todd C. Miller <[email protected]>
sync

2d13bf3562f58a5d2a5a59567bef2f279fa21725 authored over 7 years ago by Todd C. Miller <[email protected]>
The fix for Bug #722 contained a typo/thinko that resulted in the
exit status being 0 when a command was killed by a signal other
than SIGINT. This fixes the sign...

9ee50beaa7f1bf61295a5b5960ac302fcc2e67fb authored over 7 years ago by Todd C. Miller <[email protected]>
Better check for /etc/rc.d/rc2.d/S90sudo on AIX

2180eab1f9d9b3a7f1b2291c44ec537488d54715 authored over 7 years ago by Todd C. Miller <[email protected]>
Don't install the rc.d link when installing to a DESTDIR.

DESTDIR is generally only set when installing to a temporary
directory for packaging in which cas...

54a23d2c5d0adf848bd99506744d4eaaa4bb3298 authored over 7 years ago by Todd C. Miller <[email protected]>
In "make install", install sample sudoers file as /etc/sudoers.dist
and copy it to /etc/sudoers if there is no existing /etc/sudoers.
Packages either contain /etc/su...

9bccceaea13d02725acde4e7a1418bb566b1bce5 authored over 7 years ago by Todd C. Miller <[email protected]>
Allow "make dist" and "make depend" to work for out of tree builds.

495931f4a86c993a807b938fb366227a5617dcc8 authored over 7 years ago by Todd C. Miller <[email protected]>
Add missing $(srcdir) prefix to shlib_exp definition.

f7df250625565969c8146239ef77cd2028c4c6f8 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix typo in killpg macro.

11c82e2f1bd0cc6cd89612ec5c799f68142b5750 authored over 7 years ago by Todd C. Miller <[email protected]>
Fix the killpg macro for systems without killpg() in libc.

18c8ce10ea2eaebdcd7556382a1e783666bf2d15 authored over 7 years ago by Todd C. Miller <[email protected]>
Use the standard idiom for popping all entries from a tail queue.

The llvm checker gets confused by TAILQ_REMOVE and generates
use-after-free false positives.

9f1afe23fe0b79936dbcf3be0bb629d16aea10d2 authored over 7 years ago by Todd C. Miller <[email protected]>
rewrite errpipe callbacks

c60259bd637fa1186d2d5279bdb61c229d27fdb7 authored over 7 years ago by Todd C. Miller <[email protected]>
use pipe2() with O_CLOEXEC instead of pipe() + fcntl() and FD_CLOEXEC

c2176c32a723db9dfce96c607459490ca5c5dbaa authored over 7 years ago by Todd C. Miller <[email protected]>
init io_pipe[][] to -1, not 0

6e75179528ee300c4c4be53a18de1284f5586245 authored over 7 years ago by Todd C. Miller <[email protected]>
In sudo_sss_check_user() it is not possible for handle to be NULL.

f3daaba1c4f716220a58189b6bf210ea8ed57e3b authored over 7 years ago by Todd C. Miller <[email protected]>
Fix a use after free when the fqdn sudoOption is set and no hostname

value is present in sssd.conf.

583fac17ea52b59b0e85e998fe05f4d604ec8f19 authored over 7 years ago by Todd C. Miller <[email protected]>
Avoid unused variable when getgrouplist_2() is available.

It would be nicer to just provide getgrouplist_2() (or the equivalent)
and avoid the ugly #ifdefs.

a245fedc221ab689aae1595af6549f8f10e85f97 authored over 7 years ago by Todd C. Miller <[email protected]>
sync with translationproject.org

871b912f46e06b3c233e58f3a8138263ffe2cd2a authored over 7 years ago by Todd C. Miller <[email protected]>
regen

7c63dbf65e9e8af24674521a766c9d2288694d3e authored over 7 years ago by Todd C. Miller <[email protected]>
In sudo_ttyname_scan() if dir is the empty string, set errno to
ENOENT before returning.

d989f8af30fe812bc87fc51f6e58c64c5baea17b authored over 7 years ago by Todd C. Miller <[email protected]>
Try to make it clear that when match_group_by_gid is enabled, groups
in sudoers are looked up by group name instead of group ID. This
doesn't usually cause problems,...

0b81e0b1951bf4c9cfe0fe5d78098ca85faf3636 authored over 7 years ago by Todd C. Miller <[email protected]>
sync with translationproject.org

f7251f806ce134717f3ab78df865165c54cde62d authored over 7 years ago by Todd C. Miller <[email protected]>
plug memory leak in check_digest

491e6ae9fc13c657752aef7c01250297e145e920 authored over 7 years ago by Todd C. Miller <[email protected]>
Check return value of dispatch_pending_signals() in case we received
SIGINT or SIGQUIT before executing the command.

c6f9f06c45bae0de6240f1555c6d771d9fbb9222 authored over 7 years ago by Todd C. Miller <[email protected]>
back out unintentional change to the version number

ec5b78335f2bb3a4d4a1c0c88be805c6f7d27bb9 authored over 7 years ago by Todd C. Miller <[email protected]>
sync with translationproject.org

04d83c41c716e663d644f00abea2cf92b9c86d12 authored over 7 years ago by Todd C. Miller <[email protected]>
Make check_digest test sudo_filedigest() itself instead of the
underlying SHA2 functions. That way we can test it regardless of
whether we use sudo's SHA2 func...

bdc9251184af0d68ea09cddd1fd549ddd7731115 authored over 7 years ago by Todd C. Miller <[email protected]>
Document that commands matched by "sudo ALL" are not affected by
fdexec.

272a9c8e9b5b74ddce0e945689c46d1384be0db6 authored over 7 years ago by Todd C. Miller <[email protected]>
Update for 1.8.20

ba15306c97e5c22ce2c13c6e16373194cfbaf20a authored over 7 years ago by Todd C. Miller <[email protected]>
regen for restricted_env_file

a58c7d7db54dcb18413e634cbf9ffbc7b7da00d9 authored over 7 years ago by Todd C. Miller <[email protected]>
Mention that iolog_user is useful for NFS.

7f2633807194e46d713d474719203928f0d6c139 authored over 7 years ago by Todd C. Miller <[email protected]>
Only retry mkdir or create with PERM_IOLOG if errno is EACCES.

Also always use PERM_IOLOG for mkdtemp() since we cannot retry
if it fails. Since we are guarant...

4df6b62b56da94d6fbffd8ba5a247230f928e4fd authored over 7 years ago by Todd C. Miller <[email protected]>
Add fallback to PERM_IOLOG when making the final component of iolog_dir.

31b16fd3e98b21fac834cdd654b0076f5b95518f authored over 7 years ago by Todd C. Miller <[email protected]>
Add restricted_env_file which is like env_file but subject to the
same restrictions as the user's own environment.

b3af85ddc83fe0043296671622bfb82001d75f9f authored over 7 years ago by Todd C. Miller <[email protected]>
quiet a warning on older zlib

4621e43676315667664bf3768ce0dfe3fdc2f9b1 authored over 7 years ago by Todd C. Miller <[email protected]>
cast mode_t to unsigned int when printing with %o

8d1e994d849ab2201ce17b9a5b9075610935fc34 authored over 7 years ago by Todd C. Miller <[email protected]>
regen

7f1fa00be9663c70210a1d1de21182d5fbb514f9 authored over 7 years ago by Todd C. Miller <[email protected]>
Set umask temporarily when creating files instead of changing the
mode after the fact. This is slightly less error prone.

7668b4b42bd04cd99178c1c80260860910946ac0 authored over 7 years ago by Todd C. Miller <[email protected]>
remove now-useless variable

2a37590b7debc48feb876cf9d95a5495f7350635 authored over 7 years ago by Todd C. Miller <[email protected]>
Don't set owner/mode on directories that already exist, only on
newly-created ones.

2caddff3f995e3b68c251f99bbdac3053db22666 authored over 7 years ago by Todd C. Miller <[email protected]>
Explicitly set the file mode of I/O log files so the mode is not
affected by the invoking user's umask.

1bd90d8fffb37f818c859cadabc1b0ba635e3c05 authored over 7 years ago by Todd C. Miller <[email protected]>
Add PERM_IOLOG so we can create I/O log files on an NFS-mounted
filesystem where root is remapped to an unprivileged user.

8d57491dc1c923d585cf48e6b21cbec83e768677 authored over 7 years ago by Todd C. Miller <[email protected]>
Restore the '/' in the path before returning if we encounter an error.

cfb15106e34ff990a97fca3c9bfb08cc3938abc5 authored over 7 years ago by Todd C. Miller <[email protected]>
zero out nss->handle after it has been freed to make sure we cannot free it twice

a1322d7dd9ac45d55240b7bbe3ca7a266f28f0e4 authored over 7 years ago by Todd C. Miller <[email protected]>