[sudo-commits] sudo changeset 11898:7207f993d347
Todd C. Miller
Todd.Miller at sudo.ws
Sun Nov 3 06:50:21 MST 2019
changeset: 11898:7207f993d347 in /raid/repos/sudo
details: https://www.sudo.ws/repos/sudo/rev/7207f993d347
user: Todd C. Miller <Todd.Miller at sudo.ws>
date: Sat Nov 02 10:51:49 2019 -0600
Log Message:
Call closefrom() before we change to a non-root UID.
This prevents another process from changing the NOFILE resource limit
of the child process and defeating the closefrom() call.
Reported by Joe Vennix from Apple Information Security.
diffstat:
src/exec.c | 48 ++++++++++++++++++++++++++++++------------------
src/tgetpass.c | 3 ++-
2 files changed, 32 insertions(+), 19 deletions(-)
More information about the sudo-commits
mailing list