Only reset sudo_user.pw based on SUDO_USER environment variables for

real commands and sudoedit.  This avoids a confusing message when a
user tries "sudo -l" or "sudo -v" and is denied.

diff --git a/sudo.c b/sudo.c
index 60ec110f9c650102bbd45d1fa893a5ece91ffb40..18d12aea7d1395fed8602565d0d96afadd1e15aa 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -338,13 +338,15 @@ main(argc, argv, envp)
 
     /* If run as root with SUDO_USER set, set sudo_user.pw to that user. */
     /* XXX - causes confusion when root is not listed in sudoers */
-    if (user_uid == 0 && prev_user != NULL && strcmp(prev_user, "root") != 0) {
-           struct passwd *pw;
+    if (sudo_mode & (MODE_RUN | MODE_EDIT) && prev_user != NULL) {
+       if (user_uid == 0 && strcmp(prev_user, "root") != 0) {
+               struct passwd *pw;
 
-           if ((pw = sudo_getpwnam(prev_user)) != NULL) {
-                   free(sudo_user.pw);
-                   sudo_user.pw = pw;
-           }
+               if ((pw = sudo_getpwnam(prev_user)) != NULL) {
+                       free(sudo_user.pw);
+                       sudo_user.pw = pw;
+               }
+       }
     }
 
     /* Build a new environment that avoids any nasty bits if we have a cmnd. */