From: Todd C. Miller
Date: Mon, 21 May 2012 19:39:24 +0000 (-0400)
Subject: Add tests for sudoers mode, owner and group checks.
X-Git-Tag: SUDO_1_8_6^2~177
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ca9331d49835441f435faf1ee996adddea2897a8;p=sudo
Add tests for sudoers mode, owner and group checks.
---
diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in
index a1c633c3a..0d1f63bc4 100644
--- a/plugins/sudoers/Makefile.in
+++ b/plugins/sudoers/Makefile.in
@@ -355,7 +355,7 @@ check: $(TEST_PROGS) visudo testsudoers
 rval=`expr $$rval + $$failed`; exit $$rval
 clean:
- -$(LIBTOOL) --mode=clean rm -f $(PROGS) $(TEST_PROGS) *.lo *.o *.la *.a stamp-* core *.core core.* *.out *.toke *.err
+ -$(LIBTOOL) --mode=clean rm -f $(PROGS) $(TEST_PROGS) *.lo *.o *.la *.a stamp-* core *.core core.* *.out *.toke *.err *.inc
 mostlyclean: clean
diff --git a/plugins/sudoers/regress/testsudoers/test1.sh b/plugins/sudoers/regress/testsudoers/test1.sh
index a6358b3fa..31f5ba029 100755
--- a/plugins/sudoers/regress/testsudoers/test1.sh
+++ b/plugins/sudoers/regress/testsudoers/test1.sh
@@ -5,6 +5,7 @@ # This is RedHat bug Bug 667103. # +exec 2>&1 ./testsudoers -g bin root id <&1 +./testsudoers -U $UID root id <&1 +./testsudoers -U $UID root id <&1 +./testsudoers -U 1 root id <$TESTFILE <&1 + +# Test world writable +chmod 666 $TESTFILE +./testsudoers -U $UID root id < /*
@@ -160,7 +161,7 @@ main(int argc, char *argv[])
 dflag = 0;
 grfile = pwfile = NULL;
- while ((ch = getopt(argc, argv, "dg:G:h:p:tu:U:")) != -1) {
+ while ((ch = getopt(argc, argv, "dg:G:h:P:p:tu:U:")) != -1) {
 switch (ch) {
 case 'd':
 dflag = 1;
@@ -169,7 +170,7 @@ main(int argc, char *argv[])
 user_host = optarg;
 break;
 case 'G':
- grfile = optarg;
+ sudoers_gid = (gid_t)atoi(optarg);
 break;
 case 'g':
 runas_group = optarg;
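Review bot: `sudoers_gid = (gid_t)atoi(optarg);` in the new `case 'G':` branch accepts any string: an empty or non-numeric argument silently becomes gid 0, so a typo in a test script makes the ownership check expect the root group instead of failing, and the same applies to `sudoers_uid = (uid_t)atoi(optarg);` in the `-U` branch of the next hunk. Parsing with `strtoul` and rejecting trailing garbage keeps the tests honest, e.g. `errno = 0; sudoers_gid = (gid_t)strtoul(optarg, &ep, 10);` followed by `if (*optarg == '\0' || *ep != '\0' || errno == ERANGE) usage();`, with the same shape for the uid. The `main` body these cases belong to starts and ends outside the hunk.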
@@ -177,11 +178,14 @@ main(int argc, char *argv[])
 case 'p':
 pwfile = optarg;
 break;
+ case 'P':
+ grfile = optarg;
+ break;
 case 't':
 trace_print = testsudoers_print;
 break;
 case 'U':
- sudoers_uid = atoi(optarg);
+ sudoers_uid = (uid_t)atoi(optarg);
 break;
 case 'u':
 runas_user = optarg;
@@ -417,11 +421,44 @@ set_fqdn(void)
 }
 FILE *
-open_sudoers(const char *path, bool doedit, bool *keepopen)
+open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
 {
+ struct stat sb;
+ FILE *fp = NULL;
+ char *sudoers_base;
 debug_decl(open_sudoers, SUDO_DEBUG_UTIL)
- debug_return_ptr(fopen(path, "r"));
+ sudoers_base = strrchr(sudoers, '/');
+ if (sudoers_base != NULL)
+ sudoers_base++;
+
+ switch (sudo_secure_file(sudoers, sudoers_uid, sudoers_gid, &sb)) {
+ case SUDO_PATH_SECURE:
+ fp = fopen(sudoers, "r");
+ break;
+ case SUDO_PATH_MISSING:
+ warning("unable to stat %s", sudoers_base);
+ break;
+ case SUDO_PATH_BAD_TYPE:
+ warningx("%s is not a regular file", sudoers_base);
+ break;
+ case SUDO_PATH_WRONG_OWNER:
+ warningx("%s should be owned by uid %u",
+ sudoers_base, (unsigned int) sudoers_uid);
+ break;
+ case SUDO_PATH_WORLD_WRITABLE:
+ warningx("%s is world writable", sudoers_base);
+ break;
+ case SUDO_PATH_GROUP_WRITABLE:
+ warningx("%s should be owned by gid %u",
+ sudoers_base, (unsigned int) sudoers_gid);
+ break;
+ default:
+ /* NOTREACHED */
+ break;
+ }
+
+ debug_return_ptr(fp);
 }
 void
@@ -680,6 +717,6 @@ static int testsudoers_print(const char *msg)
 void
 usage(void)
 {
- (void) fprintf(stderr, "usage: %s [-dt] [-G grfile] [-g group] [-h host] [-p pwfile] [-U sudoers_uid] [-u user] [args]\n", getprogname());
+ (void) fprintf(stderr, "usage: %s [-dt] [-G sudoers_gid] [-g group] [-h host] [-p grfile] [-p pwfile] [-U sudoers_uid] [-u user] [args]\n", getprogname());
 exit(1);
 }
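Review bot: `sudoers_base` is left NULL when `sudoers` contains no '/', so for a bare file name (the likely case for an include in the test directory) every diagnostic branch in the new `open_sudoers` passes a null pointer to `%s` in `warning`/`warningx`, which is undefined behaviour; add `else sudoers_base = sudoers;` after the `sudoers_base++;` guard. In the `SUDO_PATH_SECURE` branch a failing `fopen` returns NULL to the caller with no message, unlike every other branch, so `if (fp == NULL) warning("unable to open %s", sudoers_base);` would keep the diagnostics uniform and make a permission problem in the test environment visible. Note also that `sudo_secure_file` appears to check the file by path and `fopen` then reopens it by name, so the mode/owner check and the open are separate steps; that is acceptable for a test harness, but it is worth a comment such as `/* path-based check; the file could change between the stat and the open */` so nobody copies this shape into the production loader, which should check the opened descriptor.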
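Review bot: The new usage string lists `[-p grfile] [-p pwfile]`, but the group file is actually taken by `-P` (the getopt string becomes `"dg:G:h:P:p:tu:U:"` and the earlier hunk adds `case 'P': grfile = optarg;`), so the message documents a flag that does not exist and omits the one that does. Change the fragment to `[-P grfile] [-p pwfile]`, and consider `[-G sudoers_gid]` and `[-U sudoers_uid]` being adjacent in the text since they are the pair the new ownership tests rely on.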