Martin Schulze wrote:
> Martin Schulze wrote:
> > > It's been fixed upstream in 1.6.8p12.
> >
> > This is true, but it becomes ridiculous.
>
> Finally allocated some time to develop a minimal patch.
>
> The attached patch only uses the variables listed in env_check to
> be passed to the setuid environment. This will preserve language
> settings by default, but nothing more.
This time with the attachment attached.

Regards,
Joey
--
If nothing changes, everything will remain the same. -- Barne's Law
Please always Cc to me when replying to me on the lists.
diff -u sudo-1.6.8p7/env.c sudo-1.6.8p7/env.c
--- sudo-1.6.8p7/env.c
+++ sudo-1.6.8p7/env.c
@@ -136,6 +136,7 @@
"LC_*",
"LANG",
"LANGUAGE",
+ "TERM",
NULL
};
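Review bot: Adding "TERM" to this table does not match the patch description, which says only language settings are preserved by default and nothing more; the description or a comment beside the entry should state that TERM is passed through as well. Because the later hunks accept a listed variable only when it contains neither '/' nor '%', a TERM value with either character is dropped without notice, which is worth documenting.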
@@ -425,7 +426,7 @@
* env_check.
*/
for (ep = envp; *ep; ep++) {
- okvar = 1;
+ okvar = 0;
/* Skip variables with values beginning with () (bash functions) */
if ((cp = strchr(*ep, '=')) != NULL) {
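Review bot: Flipping the default at `okvar = 0;` turns this loop from default-allow into default-deny, but the comment block ending in "env_check." directly above it is left untouched. Please check that comment and update it to say that a variable is kept only when an env_check entry matches it.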
@@ -434,6 +435,7 @@
}
/* Skip anything listed in env_delete. */
+#if 0
for (cur = def_env_delete; cur && okvar; cur = cur->next) {
len = strlen(cur->value);
/* Deal with '*' wildcard */
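Review bot: Wrapping the env_delete loop in `#if 0` means def_env_delete is no longer consulted here, so a name that matches both lists is now passed on the strength of env_check alone. If that is intended, delete the loop instead of leaving it compiled out and mention the behaviour change in the description. Otherwise keep the loop and run it after the env_check loop, since its condition `cur && okvar` would never be true with okvar starting at 0.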
@@ -447,9 +449,10 @@
okvar = 0;
}
}
+#endif
/* Check certain variables for '%' and '/' characters. */
- for (cur = def_env_check; cur && okvar; cur = cur->next) {
+ for (cur = def_env_check; cur; cur = cur->next) {
len = strlen(cur->value);
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
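Review bot: The comment "Check certain variables for '%' and '/' characters." no longer describes the loop it heads, which now decides whether a variable is kept at all, and should be reworded. With `&& okvar` dropped from the loop condition the walk also continues after a match; using `cur && !okvar` as the condition, or a `break` once okvar is set, would restore the early exit.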
@@ -459,8 +462,8 @@
iswild = 0;
if (strncmp(cur->value, *ep, len) == 0 &&
(iswild || (*ep)[len] == '=') &&
- strpbrk(*ep, "/%")) {
- okvar = 0;
+ strpbrk(*ep, "/%") == NULL) {
+ okvar = 1;
}
}
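Review bot: With the test inverted to `strpbrk(*ep, "/%") == NULL` followed by `okvar = 1`, this branch is the only place in the visible code where a variable can be accepted, so an empty def_env_check list now strips the entire environment. The documentation for env_check should say that the option has changed from a sanity check on selected variables into the list of variables that are kept.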