From 3316ac8ebcc658762d054125b5592754ad183a7d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 24 Jan 2011 14:25:51 -0500
Subject: [PATCH] Do not reject sudoers file just because it is root-writable.

---
 plugins/sudoers/sudoers.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index fd6b249e1..a98fc2a9f 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -902,7 +902,7 @@ open_sudoers(const char *sudoers, int doedit, int *keepopen)
 	log_error(USE_ERRNO|NO_EXIT, "can't stat %s", sudoers);
     else if (!S_ISREG(statbuf.st_mode))
 	log_error(NO_EXIT, "%s is not a regular file", sudoers);
-    else if ((statbuf.st_mode & 07777) != SUDOERS_MODE)
+    else if ((statbuf.st_mode & 07577) != SUDOERS_MODE)
 	log_error(NO_EXIT, "%s is mode 0%o, should be 0%o", sudoers,
 	    (unsigned int) (statbuf.st_mode & 07777),
 	    (unsigned int) SUDOERS_MODE);
-- 
2.40.0