[sudo-users] path expansion
Todd C. Miller
Todd.Miller at courtesan.com
Mon Aug 2 14:40:36 EDT 2004
In message <BBB646166E3FCE46A5E9CE14B2525586015ECCA1 at MERC27.na.sas.com>
so spake "Galen Johnson" (Galen.Johnson):
> Yes it does. I thought that maybe it had to do with the path but even after
> I added it to my path I get the same thing. Strange thing is it doesn't seem
> to be entirely consistant. I mistakenly typed a cat command and it showed '
> /bin/cat /etc/sudoers' as not being allowed (at least the error expanded the
> path if nothing else).
Hmm, I can see why this happens in 1.6.8rc3 but I don't see why it
affects the older versions since they used strchr().
Below is the fix for 1.6.8rc3 that works for me.
- todd
Index: parse.c
===================================================================
RCS file: /home/cvs/courtesan/sudo/parse.c,v
retrieving revision 1.158
diff -u -r1.158 parse.c
--- parse.c 23 Jul 2004 20:43:09 -0000 1.158
+++ parse.c 2 Aug 2004 18:36:22 -0000
@@ -245,7 +245,7 @@
static char *cmnd_base;
/* Check for pseudo-commands */
- if (*cmnd != '/') {
+ if (strchr(cmnd, '/') == NULL) {
/*
* Return true if cmnd is "sudoedit" AND
* a) there are no args in sudoers OR
More information about the sudo-users
mailing list