Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
DISCONTINUED:openSUSE:11.1:Update
sudo
sudo-1.6.9p17-CVE-2010-0427.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File sudo-1.6.9p17-CVE-2010-0427.diff of Package sudo
Index: set_perms.c =================================================================== --- set_perms.c.orig +++ set_perms.c @@ -376,11 +376,12 @@ set_perms(perm) #endif /* HAVE_SETRESUID */ #ifdef HAVE_INITGROUPS +static int runas_ngroups = -1; +static GETGROUPS_T *runas_groups; + static void runas_setgroups() { - static int ngroups = -1; - static GETGROUPS_T *groups; struct passwd *pw; if (def_preserve_groups) @@ -389,21 +390,28 @@ runas_setgroups() /* * Use stashed copy of runas groups if available, else initgroups and stash. */ - if (ngroups == -1) { + if (runas_ngroups == -1) { pw = runas_pw ? runas_pw : sudo_user.pw; if (initgroups(pw->pw_name, pw->pw_gid) < 0) log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector"); - if ((ngroups = getgroups(0, NULL)) < 0) + if ((runas_ngroups = getgroups(0, NULL)) < 0) log_error(USE_ERRNO|MSG_ONLY, "can't get runas ngroups"); - groups = emalloc2(ngroups, sizeof(GETGROUPS_T)); - if (getgroups(ngroups, groups) < 0) + runas_groups = emalloc2(runas_ngroups, sizeof(GETGROUPS_T)); + if (getgroups(runas_ngroups, runas_groups) < 0) log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector"); } else { - if (setgroups(ngroups, groups) < 0) + if (setgroups(runas_ngroups, runas_groups) < 0) log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector"); } } +void +runas_resetgroups() +{ + runas_ngroups = -1; + efree(runas_groups); +} + static void restore_groups() { Index: sudo.c =================================================================== --- sudo.c.orig +++ sudo.c @@ -131,6 +131,7 @@ extern char **insert_env_vars __P((char extern struct passwd *sudo_getpwnam __P((const char *)); extern struct passwd *sudo_getpwuid __P((uid_t)); extern struct passwd *sudo_pwdup __P((const struct passwd *)); +extern void runas_resetgroups __P((void)); /* * Globals @@ -1244,6 +1245,7 @@ set_runaspw(user) if (runas_pw == NULL) log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", user); } + runas_resetgroups(); return(TRUE); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor