From 5919eb1fa60ece5376df5a768eed989e473a4ec5 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 8 Jul 2007 18:44:28 +0000 Subject: [PATCH] Call rebuild_env() in call cases. Pass original envp to sudo_edit(). Don't allow -E or env var setting in sudoedit mode. More accurate usage() when called as sudoedit. --- sudo.c | 100 ++++++++++++++++++++++++++++++++++------------------ sudo_edit.c | 5 ++- 2 files changed, 69 insertions(+), 36 deletions(-) diff --git a/sudo.c b/sudo.c index e5a13210a..e50aa647b 100644 --- a/sudo.c +++ b/sudo.c @@ -114,7 +114,7 @@ static void usage __P((int)) static void usage_excl __P((int)) __attribute__((__noreturn__)); static struct passwd *get_authpw __P((void)); -extern int sudo_edit __P((int, char **)); +extern int sudo_edit __P((int, char **, char **)); extern char **rebuild_env __P((char **, int, int)); /* @@ -146,9 +146,10 @@ sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld; int -main(argc, argv) +main(argc, argv, envp) int argc; char **argv; + char **envp; { int validated = 0; int fd; @@ -342,13 +343,12 @@ main(argc, argv) (void) close(fd); } - /* Build a new environment based on the rules in sudoers. */ - if (ISSET(sudo_mode, MODE_RUN)) { - /* User may have overrided environment resetting via the -E flag. */ - if (ISSET(sudo_mode, MODE_PRESERVE_ENV) && def_setenv) - def_env_reset = FALSE; - environ = rebuild_env(environ, sudo_mode, def_noexec); - } + /* User may have overriden environment resetting via the -E flag. */ + if (ISSET(sudo_mode, MODE_PRESERVE_ENV) && def_setenv) + def_env_reset = FALSE; + + /* Build a new environment that avoids any nasty bits. */ + environ = rebuild_env(environ, sudo_mode, def_noexec); /* Fill in passwd struct based on user we are authenticating as. */ auth_pw = get_authpw(); @@ -438,7 +438,7 @@ main(argc, argv) } if (ISSET(sudo_mode, MODE_EDIT)) - exit(sudo_edit(NewArgc, NewArgv)); + exit(sudo_edit(NewArgc, NewArgv, envp)); /* Restore signal handlers before we exec. */ (void) sigaction(SIGINT, &saved_sa_int, NULL); @@ -930,6 +930,15 @@ args_done: if (NewArgc > 0 && rval == MODE_LIST) rval = MODE_CHECK; + if (ISSET(rval, MODE_EDIT) && + (ISSET(rval, MODE_PRESERVE_ENV) || sudo_user.env_vars != NULL)) { + if (ISSET(rval, MODE_PRESERVE_ENV)) + warningx("the `-E' option is not valid in edit mode"); + if (sudo_user.env_vars != NULL) + warningx("you may not specify environment variables in edit mode"); + usage(1); + } + if (user_runas != NULL && !ISSET(rval, (MODE_EDIT|MODE_RUN|MODE_CHECK))) { if (excl != '\0') warningx("the `-u' and '-%c' options may not be used together", @@ -1290,9 +1299,17 @@ static void usage(exit_val) int exit_val; { - char **p; - int linelen, linemax, ulen; - static char *uvec[] = { + char **p, **uvec[5]; + int i, linelen, linemax, ulen; + static char *uvec1[] = { + " -K | -L | -V | -h | -k | -v", + NULL + }; + static char *uvec2[] = { + " [-U username] [-u username|#uid] -l [command]", + NULL + }; + static char *uvec3[] = { " [-bEHPS]", #ifdef HAVE_BSD_AUTH_H " [-a auth_type]", @@ -1307,41 +1324,54 @@ usage(exit_val) " { -e file [...] | -i | -s | }", NULL }; + static char *uvec4[] = { + " [-S]", +#ifdef HAVE_BSD_AUTH_H + " [-a auth_type]", +#endif + " [-C fd]", +#ifdef HAVE_LOGIN_CAP_H + " [-c class|-]", +#endif + " [-p prompt]", + " [-u username|#uid]", + " file [...]", + NULL + }; /* - * For sudoedit, replace the last entry in the usage vector. - * For sudo, print the secondary usage. + * Use usage vectors appropriate to the progname. */ if (strcmp(getprogname(), "sudoedit") == 0) { - /* Replace the last entry in the usage vector. */ - for (p = uvec; p[1] != NULL; p++) - continue; - *p = " file [...]"; + uvec[0] = uvec4; + uvec[1] = NULL; } else { - fprintf(stderr, "usage: %s -K | -L | -V | -h | -k | -v\n", - getprogname()); - fprintf(stderr, - "usage: %s [-U username] [-u username|#uid] -l [command]\n", - getprogname()); + uvec[0] = uvec1; + uvec[1] = uvec2; + uvec[2] = uvec3; + uvec[3] = uvec4; + uvec[4] = NULL; } /* - * Print the main usage and wrap lines as needed. + * Print usage and wrap lines as needed. * Assumes an 80-character wide terminal, which is kind of bogus... */ ulen = (int)strlen(getprogname()) + 7; linemax = 80; - linelen = linemax - ulen; - printf("usage: %s", getprogname()); - for (p = uvec; *p != NULL; p++) { - if (linelen == linemax || (linelen -= strlen(*p)) >= 0) { - fputs(*p, stdout); - } else { - p--; - linelen = linemax; - printf("\n%*s", ulen, ""); + for (i = 0; uvec[i] != NULL; i++) { + linelen = linemax - ulen; + printf("usage: %s", getprogname()); + for (p = uvec[i]; *p != NULL; p++) { + if (linelen == linemax || (linelen -= strlen(*p)) >= 0) { + fputs(*p, stdout); + } else { + p--; + linelen = linemax; + printf("\n%*s", ulen, ""); + } } + putchar('\n'); } - putchar('\n'); exit(exit_val); } diff --git a/sudo_edit.c b/sudo_edit.c index 748f700c5..1486da922 100644 --- a/sudo_edit.c +++ b/sudo_edit.c @@ -60,13 +60,15 @@ __unused static const char rcsid[] = "$Sudo$"; #endif /* lint */ extern sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld; +extern char **environ; /* * Wrapper to allow users to edit privileged files with their own uid. */ -int sudo_edit(argc, argv) +int sudo_edit(argc, argv, envp) int argc; char **argv; + char **envp; { ssize_t nread, nwritten; pid_t kidpid, pid; @@ -192,6 +194,7 @@ int sudo_edit(argc, argv) * based on def_env_editor or def_editor since the editor runs with * the uid of the invoking user, not the runas (privileged) user. */ + environ = envp; if (((editor = getenv("VISUAL")) != NULL && *editor != '\0') || ((editor = getenv("EDITOR")) != NULL && *editor != '\0')) { editor = estrdup(editor); -- 2.40.0