From 8695ae1049b5a078eff1eec8b883bf6c39f155d4 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 28 Sep 2015 15:10:00 -0600
Subject: [PATCH] Also interpose system(3).  On glibc systems you cannot
 interpose the syscalls used internally by libc.

---
 src/sudo_noexec.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/sudo_noexec.c b/src/sudo_noexec.c
index 615f98b69..d36671f29 100644
--- a/src/sudo_noexec.c
+++ b/src/sudo_noexec.c
@@ -61,6 +61,12 @@ typedef struct interpose_s {
     return -1;					\
 }
 
+#define DUMMY1(fn, t1)				\
+__dso_public int				\
+FN_NAME(fn)(t1 a1)				\
+DUMMY_BODY					\
+INTERPOSE(fn)
+
 #define DUMMY2(fn, t1, t2)			\
 __dso_public int				\
 FN_NAME(fn)(t1 a1, t2 a2)			\
@@ -91,6 +97,7 @@ INTERPOSE(fn)
 DUMMY_VA(execl, const char *, const char *)
 DUMMY_VA(execle, const char *, const char *)
 DUMMY_VA(execlp, const char *, const char *)
+DUMMY1(system, const char *)
 DUMMY2(execv, const char *, char * const *)
 DUMMY2(execvp, const char *, char * const *)
 DUMMY3(execve, const char *, char * const *, char * const *)
-- 
2.40.0