From 44341c9c15fe691ddaedd086ac0c892f4c4614fd Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Thu, 1 Apr 2010 06:35:19 -0400
Subject: [PATCH] Main sudo should not block signals; the plugin should do this
 in check_policy.

---
 plugins/sudoers/sudoers.c |  1 -
 src/sudo.c                | 16 ----------------
 src/sudo_edit.c           |  6 ------
 3 files changed, 23 deletions(-)

diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index 1e8f18219..8e8c49d69 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -194,7 +194,6 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
 	return -1;
     }
 
-/* XXX - signal setup duplicated in sudo.c */
     /*
      * Signal setup:
      *	Ignore keyboard-generated signals so the user cannot interrupt
diff --git a/src/sudo.c b/src/sudo.c
index bf3e740e9..2c8d0be8a 100644
--- a/src/sudo.c
+++ b/src/sudo.c
@@ -105,12 +105,10 @@ struct user_details user_details;
 #if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
 static struct rlimit corelimit;
 #endif /* RLIMIT_CORE && !SUDO_DEVEL */
-sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
 
 int
 main(int argc, char *argv[], char *envp[])
 {
-    sigaction_t sa;
     int nargc, sudo_mode;
     char **nargv, **settings, **env_add;
     char **user_info, **command_info, **argv_out, **user_env_out;
@@ -134,20 +132,6 @@ main(int argc, char *argv[], char *envp[])
     if (geteuid() != 0)
 	errorx(1, "must be setuid root");
 
-    /*
-     * Signal setup:
-     *	Ignore keyboard-generated signals so the user cannot interrupt
-     *  us at some point and avoid the logging.
-     * XXX - leave this to the plugin?
-     */
-    zero_bytes(&sa, sizeof(sa));
-    sigemptyset(&sa.sa_mask);
-    sa.sa_flags = SA_RESTART;
-    sa.sa_handler = SIG_IGN;
-    (void) sigaction(SIGINT, &sa, &saved_sa_int);
-    (void) sigaction(SIGQUIT, &sa, &saved_sa_quit);
-    (void) sigaction(SIGTSTP, &sa, &saved_sa_tstp);
-
     /* Turn off core dumps and make sure fds 0-2 are open. */
     disable_coredumps();
     fix_fds();
diff --git a/src/sudo_edit.c b/src/sudo_edit.c
index 347eed94c..f9c8751ba 100644
--- a/src/sudo_edit.c
+++ b/src/sudo_edit.c
@@ -55,7 +55,6 @@
 
 #include "sudo.h"
 
-extern sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
 extern char **environ;
 
 static char *find_editor();
@@ -211,9 +210,6 @@ sudo_edit(int argc, char **argv, char **envp)
 	nargv[ac++] = tf[i++].tfile;
     nargv[ac] = NULL;
 
-    /* Allow the editor to be suspended. */
-    (void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
-
     /*
      * Fork and exec the editor with the invoking user's creds,
      * keeping track of the time spent in the editor.
@@ -225,8 +221,6 @@ sudo_edit(int argc, char **argv, char **envp)
 	goto cleanup;
     } else if (kidpid == 0) {
 	/* child */
-	(void) sigaction(SIGINT, &saved_sa_int, NULL);
-	(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
 	set_perms(PERM_FULL_USER);
 	closefrom(def_closefrom);
 	execvp(nargv[0], nargv);
-- 
2.40.0