For 'sudo ALL' a non-existent command is not an error
(cherry picked from commit 5dce535ae8a82b3a1f011b3647cdbaba89786a8f)
This commit is contained in:
modric
openeuler-sync-bot
parent
c0e5c17e19
commit
42ade64a0a
@ -0,0 +1,43 @@
|
|||||||
|
From 5a59ce159e0c17fb35474c9c516d97703b338027 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
|
||||||
|
Date: Thu, 7 Jul 2022 20:11:44 -0600
|
||||||
|
Subject: [PATCH] Fix a NOPASSWD issue with a non-existent command when
|
||||||
|
fdexec=always In command_matches_all(), if the command is fully-qualified and
|
||||||
|
open_cmnd() return false, only treat it as an error if we are able to stat(2)
|
||||||
|
the command. For "sudo ALL" a non-existent command is not an error.
|
||||||
|
|
||||||
|
Reference: https://github.com/sudo-project/sudo/commit/5a59ce159e0c17fb35474c9c516d97703b338027
|
||||||
|
Conflict: match_command.c
|
||||||
|
---
|
||||||
|
plugins/sudoers/match_command.c | 4 +++++--
|
||||||
|
1 file changed, 8 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/plugins/sudoers/match_command.c b/plugins/sudoers/match_command.c
|
||||||
|
index 6d8b3a6..e020e81 100644
|
||||||
|
--- a/plugins/sudoers/match_command.c
|
||||||
|
+++ b/plugins/sudoers/match_command.c
|
||||||
|
@@ -353,11 +353,15 @@ command_matches_all(const char *runchroot,
|
||||||
|
|
||||||
|
if (user_cmnd[0] == '/') {
|
||||||
|
/* Open the file for fdexec or for digest matching. */
|
||||||
|
- if (!open_cmnd(user_cmnd, runchroot, digests, &fd))
|
||||||
|
- goto bad;
|
||||||
|
+ bool open_error = !open_cmnd(user_cmnd, runchroot, digests, &fd);
|
||||||
|
#ifndef SUDOERS_NAME_MATCH
|
||||||
|
- if (!do_stat(fd, user_cmnd, runchroot, intercepted, NULL))
|
||||||
|
- goto bad;
|
||||||
|
+ /* A non-existent file is not an error for "sudo ALL". */
|
||||||
|
+ if (do_stat(fd, user_cmnd, runchroot, intercepted, NULL)) {
|
||||||
|
+ if (open_error) {
|
||||||
|
+ /* File exists but we couldn't open it above? */
|
||||||
|
+ goto bad;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.33.0
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -1,6 +1,6 @@
|
|||||||
Name: sudo
|
Name: sudo
|
||||||
Version: 1.9.8p2
|
Version: 1.9.8p2
|
||||||
Release: 8
|
Release: 9
|
||||||
Summary: Allows restricted root access for specified users
|
Summary: Allows restricted root access for specified users
|
||||||
License: ISC
|
License: ISC
|
||||||
URL: http://www.courtesan.com/sudo/
|
URL: http://www.courtesan.com/sudo/
|
||||||
@ -28,6 +28,7 @@ Patch14: backport-Fix-memory-leak-of-pass-in-converse.patch
|
|||||||
Patch15: backport-sudo_passwd_cleanup-Set-auth-data-to-NULL-after-free.patch
|
Patch15: backport-sudo_passwd_cleanup-Set-auth-data-to-NULL-after-free.patch
|
||||||
Patch16: backport-sudo_rcstr_dup-Fix-potential-NULL-pointer-deref.patch
|
Patch16: backport-sudo_rcstr_dup-Fix-potential-NULL-pointer-deref.patch
|
||||||
Patch17: backport-CVE-2023-22809.patch
|
Patch17: backport-CVE-2023-22809.patch
|
||||||
|
Patch18: backport-Fix-a-NOPASSWD-issue-with-a-non-existent-command-whe.patch
|
||||||
|
|
||||||
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
Requires: pam
|
Requires: pam
|
||||||
@ -178,6 +179,9 @@ install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
|
|||||||
%exclude %{_pkgdocdir}/ChangeLog
|
%exclude %{_pkgdocdir}/ChangeLog
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 01 2023 wangyu <wangyu283@huawei.com> - 1.9.8p2-9
|
||||||
|
- For "sudo ALL" a non-existent command is not an error.
|
||||||
|
|
||||||
* Thu Jan 19 2023 houmingyong<houmingyong@huawei.com> - 1.9.8p2-8
|
* Thu Jan 19 2023 houmingyong<houmingyong@huawei.com> - 1.9.8p2-8
|
||||||
- Fix CVE-2023-22809
|
- Fix CVE-2023-22809
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user