Bug 230 – command_matches() problem

Bug 230 - command_matches() problem


Summary:	command_matches() problem

Status:	RESOLVED FIXED

Product:	Sudo
Classification:	Unclassified
Component:	Sudo
Version:	1.6.8
Hardware:	Sun Solaris 2.x

Importance:	low normal
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2006-12-04 08:35 MST by Julian Clifton-Thompson
Modified:	2007-08-02 14:57 MDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Julian Clifton-Thompson 2006-12-04 08:35:29 MST

Hi,

I think there's a logic problem in the command_matches() function. Using the following sudoers file:

   Cmnd_Alias UCBPS=/usr/ucb/ps
   foo ALL=(ALL)

when user foo runs a "sudo /usr/bin/ps" the command_matches() function is matching "/usr/ucb/ps" (even though we're not using the UCBPS alias), and therefore causes the wrong "ps" to be executed.

On Solaris 10 /usr/bin/ps and /usr/ucb/ps are hardlinks (along with quite a few other programs) to a wrapper that executes the appropriate CPU dependent code (e.g. SPARC v9).

The dev/inode comparison in command_matches() therefore thinks that these are the same program, and returns a match.

I have to admit that I don't fully understand the function, but I would have thought that a string comparison of the full path to the two commands (rather than the basename) would have been performed at some stage. Or, is the function designed to catch "/bin/ps" == "/usr/bin/ps"?

I did add such a comparison and this fixed the problem for me, but without understanding it could well cause other breakage :-)

If there's anything I can do to help please let me know.

Thanks,
Julian

Comment 1 Todd C. Miller 2007-07-05 16:12:41 MDT

The reason for the dev/inode check is to make sudo work with relative pathnames and automounters that use symlinks as opposed to mounting things in place (e.g. old sun automounter and amd).  However, I believe that changes in the handling of "ALL" in sudo 1.6.9 should work around the issue for you.

There is a release candidate for sudo 1.6.9 which you can download from http://www.sudo.ws/sudo/beta.wml.  If you could give that a spin and let me know if that fixes the issue for you that would be great.

Comment 2 Julian Clifton-Thompson 2007-07-09 08:56:39 MDT

Hey Todd,

I tried 1.6.9rc2 but still the problem exists. I've cut down the /etc/sudoers file to:

Cmnd_Alias      SYSVPS=/usr/bin/ps
Cmnd_Alias      UCBPS=/usr/ucb/ps
myuser          ALL=(ALL) ALL

If I comment out the UCBPS definition then all works well. Otherwise, the /usr/ucb/ps is always picked up instead of /usr/bin/ps, even when invoking "sudo /usr/bin/ps -ef".

Please let me know if there's any further testing you'd like me to perform.

Many thanks,
Julian

Comment 3 Todd C. Miller 2007-07-09 19:35:04 MDT

OK, I understand the problem better now.  I had been assuming that ps was choosing its behavior based on argv[0] but it seems the Solaris kernel has some other way of indicating to the process the pathname that it was invoked as.  I've added a workaround to sudo 1.6.8rc3 that should fix this for you.  Please give ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.6.9rc3.tar.gz a try.

Comment 4 Julian Clifton-Thompson 2007-07-10 03:57:55 MDT

Hey Todd,

That's great - I can confirm that 1.6.9rc3 fixes the problem, and I'm able to invoke either of the ps programs using the sample config I listed before.

Many thanks for your help.

Regards,
Julian

Comment 5 Todd C. Miller 2007-08-02 14:57:39 MDT

Marking as fixed now that 1.6.9 is out.