Bug 230

Summary: command_matches() problem
Product: Sudo
Reporter: Julian Clifton-Thompson <julianrct>
Component: Sudo
Assignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED
Severity: normal
Priority: low
Version: 1.6.8
Hardware: Sun
OS: Solaris 2.x

Description Julian Clifton-Thompson 2006-12-04 08:35:29 MST
Hi,

I think there's a logic problem in the command_matches() function. Using the following sudoers file:

   Cmnd_Alias UCBPS=/usr/ucb/ps
   foo ALL=(ALL)

when user foo runs a "sudo /usr/bin/ps" the command_matches() function is matching "/usr/ucb/ps" (even though we're not using the UCBPS alias), and therefore causes the wrong "ps" to be executed.

On Solaris 10 /usr/bin/ps and /usr/ucb/ps are hardlinks (along with quite a few other programs) to a wrapper that executes the appropriate CPU dependent code (e.g. SPARC v9).

The dev/inode comparison in command_matches() therefore thinks that these are the same program, and returns a match.

I have to admit that I don't fully understand the function, but I would have thought that a string comparison of the full path to the two commands (rather than the basename) would have been performed at some stage. Or, is the function designed to catch "/bin/ps" == "/usr/bin/ps"?

I did add such a comparison and this fixed the problem for me, but without understanding it could well cause other breakage :-)

If there's anything I can do to help please let me know.

Thanks,
Julian

Comment 1 Todd C. Miller 2007-07-05 16:12:41 MDT
The reason for the dev/inode check is to make sudo work with relative pathnames and automounters that use symlinks as opposed to mounting things in place (e.g. old sun automounter and amd).  However, I believe that changes in the handling of "ALL" in sudo 1.6.9 should work around the issue for you.

There is a release candidate for sudo 1.6.9 which you can download from http://www.sudo.ws/sudo/beta.wml.  If you could give that a spin and let me know if that fixes the issue for you that would be great.

Comment 2 Julian Clifton-Thompson 2007-07-09 08:56:39 MDT
Hey Todd,

I tried 1.6.9rc2 but still the problem exists. I've cut down the /etc/sudoers file to:

   Cmnd_Alias      SYSVPS=/usr/bin/ps
   Cmnd_Alias      UCBPS=/usr/ucb/ps
   myuser          ALL=(ALL) ALL

If I comment out the UCBPS definition then all works well. Otherwise, the /usr/ucb/ps is always picked up instead of /usr/bin/ps, even when invoking "sudo /usr/bin/ps -ef".

Please let me know if there's any further testing you'd like me to perform.

Many thanks,
Julian

Comment 3 Todd C. Miller 2007-07-09 19:35:04 MDT
OK, I understand the problem better now.  I had been assuming that ps was choosing its behavior based on argv[0] but it seems the Solaris kernel has some other way of indicating to the process the pathname that it was invoked as.  I've added a workaround to sudo 1.6.8rc3 that should fix this for you.  Please give ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.6.9rc3.tar.gz a try.

Comment 4 Julian Clifton-Thompson 2007-07-10 03:57:55 MDT
Hey Todd,

That's great - I can confirm that 1.6.9rc3 fixes the problem, and I'm able to invoke either of the ps programs using the sample config I listed before.

Many thanks for your help.

Regards,
Julian

Comment 5 Todd C. Miller 2007-08-02 14:57:39 MDT
Marking as fixed now that 1.6.9 is out.
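
The dev/inode comparison discussed in this thread, reduced to an added example (not sudo's code and not the fix that shipped in 1.6.9): two hard links stand in for /usr/bin/ps and /usr/ucb/ps, and a matcher that returns the listed path on a dev/inode match hands back a different pathname than the one the user typed. The functions `same_file()`, `pick_path()` and `make_links()`, the `keep_user_path` switch and the temporary file names are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Identity test named in the thread: same device and same inode. */
static int same_file(const char *a, const char *b)
{
    struct stat sa, sb;
    if (stat(a, &sa) != 0 || stat(b, &sb) != 0)
        return 0;
    return sa.st_dev == sb.st_dev && sa.st_ino == sb.st_ino;
}

/* Hypothetical matcher: returns the path that would be run, or NULL.
 * keep_user_path == 0: on a dev/inode match, run the listed path.
 * keep_user_path == 1: on a dev/inode match, run what the user typed. */
static const char *pick_path(const char *user, const char *listed, int keep_user_path)
{
    if (strcmp(user, listed) == 0)
        return user;
    if (!same_file(user, listed))
        return NULL;
    return keep_user_path ? user : listed;
}

/* Create two hard links to one file in a fresh private directory
 * (constructed stand-ins for /usr/bin/ps and /usr/ucb/ps). 0 on success. */
static int make_links(char *dir, char *bin, char *ucb, size_t n)
{
    FILE *f;
    snprintf(dir, n, "/tmp/hardlink-demo-%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0)      /* fails if the name already exists */
        return -1;
    snprintf(bin, n, "%s/bin_ps", dir);
    snprintf(ucb, n, "%s/ucb_ps", dir);
    if ((f = fopen(bin, "w")) == NULL) return -1;
    fclose(f);
    return link(bin, ucb);
}

int main(void)
{
    char dir[128], bin[128], ucb[128];
    if (make_links(dir, bin, ucb, sizeof bin) != 0) return 1;
    printf("same dev/inode=%d\nlisted path wins: %s\nuser path wins:   %s\n",
           same_file(bin, ucb), pick_path(bin, ucb, 0), pick_path(bin, ucb, 1));
    unlink(bin); unlink(ucb); rmdir(dir);
    return 0;
}
```

A plain string comparison of the two paths would tell the hard links apart, but it would also reject the relative-pathname and automounter-symlink cases that Comment 1 gives as the reason for the dev/inode check.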