Created
July 6, 2021 10:30
-
-
Save saidelike/7ea4c87a8e6e18b15953d919202fb0c0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//sudo-1.8.30/plugins/sudoers/sudoers.c | |
//Note: sudo_1.8.30-1.ph3 does not have sources for it | |
int | |
sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], | |
bool verbose, void *closure) | |
{ | |
... | |
/* Find command in path and apply per-command Defaults. */ | |
[A] cmnd_status = set_cmnd(); | |
if (cmnd_status == NOT_FOUND_ERROR) | |
goto done; | |
/* Check for -C overriding def_closefrom. */ | |
if (user_closefrom >= 0 && user_closefrom != def_closefrom) { | |
if (!def_closefrom_override) { | |
/* XXX - audit? */ | |
[D] sudo_warnx(U_("you are not permitted to use the -C option")); | |
goto bad; | |
} | |
def_closefrom = user_closefrom; | |
} | |
/* | |
* Check sudoers sources, using the locale specified in sudoers. | |
*/ | |
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); | |
[E] validated = sudoers_lookup(snl, sudo_user.pw, FLAG_NO_USER | FLAG_NO_HOST, | |
pwflag); | |
[B] [... lots of code here ...] | |
/* Require a password if sudoers says so. */ | |
[C] switch (check_user(validated, sudo_mode)) { | |
case true: | |
/* user authenticated successfully. */ | |
break; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment