Skip to content

Instantly share code, notes, and snippets.

@saidelike
Created July 6, 2021 10:30
Show Gist options
  • Save saidelike/7ea4c87a8e6e18b15953d919202fb0c0 to your computer and use it in GitHub Desktop.
Save saidelike/7ea4c87a8e6e18b15953d919202fb0c0 to your computer and use it in GitHub Desktop.
//sudo-1.8.30/plugins/sudoers/sudoers.c
//Note: sudo_1.8.30-1.ph3 does not have sources for it
int
sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
bool verbose, void *closure)
{
...
/* Find command in path and apply per-command Defaults. */
[A] cmnd_status = set_cmnd();
if (cmnd_status == NOT_FOUND_ERROR)
goto done;
/* Check for -C overriding def_closefrom. */
if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
if (!def_closefrom_override) {
/* XXX - audit? */
[D] sudo_warnx(U_("you are not permitted to use the -C option"));
goto bad;
}
def_closefrom = user_closefrom;
}
/*
* Check sudoers sources, using the locale specified in sudoers.
*/
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
[E] validated = sudoers_lookup(snl, sudo_user.pw, FLAG_NO_USER | FLAG_NO_HOST,
pwflag);
[B] [... lots of code here ...]
/* Require a password if sudoers says so. */
[C] switch (check_user(validated, sudo_mode)) {
case true:
/* user authenticated successfully. */
break;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment