From: Todd C. Miller
Date: Mon, 1 Aug 2016 00:47:36 +0000 (-0600)
Subject: Only check SUDO_USER if euid is 0
X-Git-Tag: SUDO_1_8_18^2~91
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=54efa54c0e732c3af964b7bc809cb309a2d53d7d;p=sudo
Only check SUDO_USER if euid is 0
---
diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c
index 5ee96ee7a..3e9ecdce4 100644
--- a/plugins/sudoers/visudo.c
+++ b/plugins/sudoers/visudo.c
@@ -134,7 +134,7 @@ int
 main(int argc, char *argv[])
 {
 struct sudoersfile *sp;
- char *user, *editor, **editor_argv;
+ char *editor, **editor_argv;
 int ch, oldlocale, editor_argc, exitcode = 0;
 bool quiet, strict, oldperms;
 const char *export_path;
@@ -215,9 +215,11 @@ main(int argc, char *argv[])
 /* Mock up a fake sudo_user struct. */
 user_cmnd = user_base = "";
- user = getenv("SUDO_USER");
- if (user != NULL && *user != '\0')
- sudo_user.pw = sudo_getpwnam(user);
+ if (geteuid() == 0) {
+ const char *user = getenv("SUDO_USER");
+ if (user != NULL && *user != '\0')
+ sudo_user.pw = sudo_getpwnam(user);
+ }
 if (sudo_user.pw == NULL) {
 if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL)
 sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
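Review bot: The new `if (geteuid() == 0)` gate in the second hunk encodes a trust decision about a caller-supplied environment variable but has no comment saying so; the existing `/* Mock up a fake sudo_user struct. */` does not explain why SUDO_USER is ignored for non-root callers. I would add directly above the gate `/* SUDO_USER comes from the caller's environment; only honor it when running as root (e.g. via sudo). */`. The gate also tests the effective uid while the fallback just below uses `getuid()`, so if visudo were ever run with euid 0 and a different real uid (a setuid install, say) the variable would presumably still be under the caller's control; the comment should state whether that case is considered out of scope. main()'s body starts and ends outside the hunk, so how `sudo_user.pw` is used afterwards is not visible here.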