From 4b96e94f37f89f741cbeaeb84a7d3d02b88a130e Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 18 Jan 2016 13:12:50 -0700
Subject: [PATCH] Need to be root when switching to a different user.
---
 src/sudo_edit.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/src/sudo_edit.c b/src/sudo_edit.c
index 6e7162423..c63d4b603 100644
--- a/src/sudo_edit.c
+++ b/src/sudo_edit.c
@@ -254,8 +254,21 @@ dir_is_writable(int dfd, struct user_details *ud, struct command_details *cd)
 debug_decl(dir_is_writable, SUDO_DEBUG_EDIT)
 int rc;
+ /* Change uid/gid/groups to invoking user, usually needs root perms. */
+ if (cd->euid != ROOT_UID) {
+ if (seteuid(ROOT_UID) != 0)
+ sudo_fatal("seteuid(ROOT_UID)");
+ }
 switch_user(ud->uid, ud->gid, ud->ngroups, ud->groups);
+
+ /* Access checks are done using the euid/egid and group vector. */
 rc = faccessat(dfd, ".", W_OK, AT_EACCESS);
+
+ /* Change uid/gid/groups back to target user, may need root perms. */
+ if (ud->uid != ROOT_UID) {
+ if (seteuid(ROOT_UID) != 0)
+ sudo_fatal("seteuid(ROOT_UID)");
+ }
 switch_user(cd->euid, cd->egid, cd->ngroups, cd->groups);
 if (rc == 0)
-- 
2.40.0
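Review bot: The `errno` left by `faccessat()` is not saved, and the added `seteuid(ROOT_UID)` together with the second `switch_user()` now run between the access check and `if (rc == 0)`. `dir_is_writable` continues past the end of this hunk; if that remainder uses `errno` to tell a permission denial from another failure, the intervening calls could overwrite it and change the outcome of the writability decision. Capturing it right after the check with `int serrno = errno;` and restoring it with `errno = serrno;` after the second `switch_user()` would keep the result tied to the access check itself. Separately, both guards infer the current effective uid from struct fields (`cd->euid` on entry, `ud->uid` after the first switch) rather than from the process; a short comment such as `/* Caller must already be running as cd->euid. */` above the first guard would make that precondition explicit.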