|
Bugzilla – Full Text Bug Listing |
| Summary: | The `sudo -e` command will empty files if the temp disk is out of space | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Bailey Stoner <sudo> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED FIXED | ||
| Severity: | high | ||
| Priority: | low | ||
| Version: | 1.8.31 | ||
| Hardware: | PC | ||
| OS: | Linux | ||
|
Description
Bailey Stoner
2020-04-12 16:05:31 MDT
What editor did you use and do you have SELinux enabled? I haven't been able to reproduce the problem locally. Sudo itself checks for write errors when creating its temporary files. However, if the disk filled up *after* the temp files were written successfully and your editor truncated the files sudo doesn't have a way to tell that something went wrong unless the editor exits with an error. Wow! Thanks for the quick followup. My editor is neovim, no SE Linux. No fancy plugins that would change any dangerous buffer writing settings or anything. There was a daemon writing that was writing files and I didn't realize it had filled the disk, so maybe it was the second issue that you mentioned. In the end, the temp file seemed to have been written to but became empty - so it seems sudo went ahead and moved the empty file over? I wonder if sudo could have a safety check for the case of an empty file, but maybe that's more of a nuisance than a useful thing? Sudo could do an extra check when the edited file is zero length but the original was not and prompt the user for what to do. Editing a file to be zero length might not always be wrong but it is suspicious. Added a prompt when the resulting file will become zero bytes: https://www.sudo.ws/repos/sudo/rev/8bfaa57d5bd4 In sudo 1.9.3, sudoedit will now prompt the user before overwriting an existing file with one that is zero-length after editing. |