Can now deal with SUDOERS_UID == 0 and SUDOERS_MODE == 0400

author Todd C. Miller <Todd.Miller@courtesan.com>

Mon, 11 Nov 1996 01:32:33 +0000 (01:32 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Mon, 11 Nov 1996 01:32:33 +0000 (01:32 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Mon, 11 Nov 1996 01:32:33 +0000 (01:32 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Mon, 11 Nov 1996 01:32:33 +0000 (01:32 +0000)
diff --git a/sudo.c b/sudo.c

index 325510ff82637e93e5346f9bd683175caa63b61d..52245b0716eadccb2f487e6f13db10d836259431 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -939,13 +939,14 @@ void set_perms(perm, sudo_mode)
                                 }
  
                                 /*
-                                * If SUDOERS_UID == 0 we need to use
-                                * a different uid in order to avoid
-                                * NFS lossage.  Using uid 1 is a bit
-                                * bogus but should be safe.
+                                * If SUDOERS_UID == 0 and SUDOERS_MODE
+                                * is group readable we use a non-zero
+                                * uid in order to avoid NFS lossage.
+                                * Using uid 1 is a bit bogus but should
+                                * work on all OS's.
                                  */
                                 if (SUDOERS_UID == 0) {
-                                   if (seteuid(1)) {
+                                   if ((SUDOERS_MODE & 040) && seteuid(1)) {
                                         perror("seteuid(1)");
                                         exit(1);
                                     }
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Mon, 11 Nov 1996 01:32:33 +0000 (01:32 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Mon, 11 Nov 1996 01:32:33 +0000 (01:32 +0000)