From: Todd C. Miller Date: Thu, 17 Nov 2016 23:00:06 +0000 (-0700) Subject: Add umask to user_info passed in from the front end to the plugin. X-Git-Tag: SUDO_1_8_19^2~24 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f70f595b5b603706d7506f60951bab1b2bd3b9bb;p=sudo Add umask to user_info passed in from the front end to the plugin. --- diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 3baad1998..0c12476df 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat @@ -336,6 +336,10 @@ DDEESSCCRRIIPPTTIIOONN uid=uid_t The real user ID of the user invoking ssuuddoo. + umask=octal + The invoking user's file creation mask. Only available + starting with API version 1.10. + user=string The name of the user invoking ssuuddoo. @@ -1546,8 +1550,9 @@ PPLLUUGGIINN AAPPII CCHHAANNGGEELLOOGG The _e_x_e_c_f_d entry was added to the command_info list. Version 1.10 (sudo 1.8.19) - The _i_o_l_o_g___g_r_o_u_p, _i_o_l_o_g___m_o_d_e, and _i_o_l_o_g___u_s_e_r entries were added to - the command_info list. + The _u_m_a_s_k entry was added to the user_info list. The _i_o_l_o_g___g_r_o_u_p, + _i_o_l_o_g___m_o_d_e, and _i_o_l_o_g___u_s_e_r entries were added to the command_info + list. SSEEEE AALLSSOO sudo.conf(4), sudoers(4), sudo(1m) @@ -1578,4 +1583,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or https://www.sudo.ws/license.html for complete details. -Sudo 1.8.19 November 8, 2016 Sudo 1.8.19 +Sudo 1.8.19 November 17, 2016 Sudo 1.8.19 diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 82e2131a1..d452f60ba 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in @@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.TH "SUDO_PLUGIN" "5" "November 8, 2016" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO_PLUGIN" "5" "November 17, 2016" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" 
@@ -546,6 +546,10 @@ uid=uid_t The real user ID of the user invoking \fBsudo\fR. .TP 6n +umask=octal +The invoking user's file creation mask. +Only available starting with API version 1.10. +.TP 6n user=string The name of the user invoking \fBsudo\fR. @@ -2765,6 +2769,11 @@ list. .TP 6n Version 1.10 (sudo 1.8.19) The +\fIumask\fR +entry was added to the +\fRuser_info\fR +list. +The \fIiolog_group\fR, \fIiolog_mode\fR, and diff --git a/doc/sudo_plugin.mdoc.in b/doc/sudo_plugin.mdoc.in index 7bdbf10b0..86c7bc674 100644 --- a/doc/sudo_plugin.mdoc.in +++ b/doc/sudo_plugin.mdoc.in @@ -14,7 +14,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 8, 2016 +.Dd November 17, 2016 .Dt SUDO_PLUGIN @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -484,6 +484,9 @@ the value will be empty, as in .It uid=uid_t The real user ID of the user invoking .Nm sudo . +.It umask=octal +The invoking user's file creation mask. +Only available starting with API version 1.10. .It user=string The name of the user invoking .Nm sudo . @@ -2421,6 +2424,11 @@ entry was added to the list. .It Version 1.10 (sudo 1.8.19) The +.Em umask +entry was added to the +.Li user_info +list. +The .Em iolog_group , .Em iolog_mode , and diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c index 2fa684b98..d6066c83a 100644 --- a/plugins/sudoers/policy.c +++ b/plugins/sudoers/policy.c @@ -264,6 +264,7 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group) #endif } + user_umask = (mode_t)-1; for (cur = info->user_info; *cur != NULL; cur++) { if (MATCHES(*cur, "user=")) { if ((user_name = strdup(*cur + sizeof("user=") - 1)) == NULL) 
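Review bot: In sudoers_policy_deserialize_info() the "not supplied" sentinel is stored through `user_umask` (policy.c hunk at -264), while the parsed value is stored through `sudo_user.umask` (policy.c hunk at -346), so a reader has to know both names refer to the same object for the later `user_umask == (mode_t)-1` test to make sense. Presumably `user_umask` is a macro alias for `sudo_user.umask`, but that definition is not visible here; if it were not an alias, the fallback would always overwrite the value passed by the front end. I would write `user_umask = sudo_strtomode(p, &errstr);` in the parse branch and add `/* (mode_t)-1 means no umask= entry was seen; resolved after the loop. */` above the initialisation. The function body starts and ends outside these hunks.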
@@ -346,6 +347,15 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group) } continue; } + if (MATCHES(*cur, "umask=")) { + p = *cur + sizeof("umask=") - 1; + sudo_user.umask = sudo_strtomode(p, &errstr); + if (errstr != NULL) { + sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); + goto bad; + } + continue; + } } if ((user_runhost = strdup(remhost ? remhost : user_host)) == NULL) goto oom; @@ -373,9 +383,11 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group) goto bad; } - /* Stash initial umask for later use. */ - user_umask = umask(SUDO_UMASK); - umask(user_umask); + /* umask is only set in user_info[] for API 1.10 and above. */ + if (user_umask == (mode_t)-1) { + user_umask = umask(0); + umask(user_umask); + } /* Some systems support fexecve() which we use for digest matches. */ cmnd_fd = -1; diff --git a/src/sudo.c b/src/sudo.c index 9a98785c5..c618b9e81 100644 --- a/src/sudo.c +++ b/src/sudo.c @@ -487,6 +487,7 @@ get_user_info(struct user_details *ud) { char *cp, **user_info, path[PATH_MAX]; unsigned int i = 0; + mode_t mask; struct passwd *pw; int fd; debug_decl(get_user_info, SUDO_DEBUG_UTIL) @@ -552,6 +553,11 @@ get_user_info(struct user_details *ud) if ((cp = get_user_groups(ud)) != NULL) user_info[++i] = cp; + mask = umask(0); + umask(mask); + if (asprintf(&user_info[++i], "umask=0%o", (unsigned int)mask) == -1) + goto oom; + if (getcwd(path, sizeof(path)) != NULL) { user_info[++i] = sudo_new_key_val("cwd", path); if (user_info[i] == NULL)
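Review bot: The fallback in the policy.c hunk at -373 now sets the process umask to 0 while reading it, where the removed code used the restrictive `SUDO_UMASK` as the temporary value. Anything that creates a file between the two `umask()` calls (another thread, a signal handler) would get no mask at all, so the temporary value should fail closed: `user_umask = umask(SUDO_UMASK);`. The same read idiom is added in get_user_info() in src/sudo.c (hunk at -552, `mask = umask(0);`), where a restrictive temporary such as `umask(0777)` would be the safer choice as well. Whether either path can actually run concurrently with file creation is not visible from these hunks.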
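Review bot: The new `asprintf(&user_info[++i], ...)` in get_user_info() (src/sudo.c hunk at -552) consumes one more slot of `user_info` and leaves that slot indeterminate on failure, since the pointer contents after a failed asprintf() are not defined on every libc. The array allocation and the `oom` label are both outside the hunk, so confirm that the array still has room for this entry plus the terminating NULL and that the cleanup path never frees `user_info[i]`. Formatting into the existing `cp` first avoids both the half-initialised slot and the early increment: `if (asprintf(&cp, "umask=0%o", (unsigned int)mask) == -1) goto oom;` followed by `user_info[++i] = cp;`.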