|
Bugzilla – Full Text Bug Listing |
| Summary: | Sudo executes all process with ENOEXEC return as a shell script | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Sam Bingner <sam> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | ASSIGNED --- | ||
| Severity: | low | ||
| Priority: | low | ||
| Version: | 1.8.27 | ||
| Hardware: | All | ||
| OS: | All | ||
| Attachments: |
Patch to fix the issue
Corrected patch |
||
This patch is bad, fixing :| Created attachment 523 [details]
Corrected patch
This should correct the issue because if ENOEXEC is encountered, the shell will correctly interpret the proper command from the shebang. My original patch erroneously did not include arguments to the command being executed.
I'm sorry but I don't think this is correct. The current behavior is consistent with how the execvp(3) C library function and /bin/sh behave. The purpose is to support shell scripts *without* a shebang. If a shebang was present we should not get ENOEXEC when trying to execute it in the first place. What problem are you trying to solve? Some OS do not have kernel support for shebangs, that is when this patch would make a difference. You can see how bash handles these things here: http://git.savannah.gnu.org/cgit/bash.git/tree/execute_cmd.c#n5731 The logic to handle shebangs in bash is just before that comment at line 5701. As you can see it says that it should only treat it as a shell script if there is NO shebang and it is a non-binary file. If you don't like letting the shell handle the logic, I could port over the bash logic. Are you actually using such an OS or is this just theoretical? I sort of use such an OS. On jailbroken iOS (iPhones) apple has disabled support for shebang scripts. |
Created attachment 522 [details] Patch to fix the issue If sudo gets ENOEXEC it will execute '/bin/sh file args' where it should be '/bin/sh -c "file" args' as the former tries to execute any file as a shell script. Patch to fix this on 1.8.27 attached