Jesse Smith
f400e06e1f
Merge pull request #18 from ng-0/netbsd-buildimprovements
...
Makefile: Add DESTDIR, MANDIR, and SYSCONFDIR variables.
2019-08-20 14:47:59 -03:00
ng0
5bef71c735
Makefile: Add DESTDIR, MANDIR, and SYSCONFDIR variables.
2019-08-20 17:05:34 +00:00
Jesse Smith
8e9c2bde06
Removed the transfer of most environment variables, such as USER, HOME,
...
and PATH from the original user to the target user. This could cause
files in the wrogn path or home directory to be read (or written to),
which resulted in potential security problems.
This has been changed so that only DISPLAY and TERM are passed to the
new environment. This is fine for running command line programs. When
GUI programs need to be run, "keepenv" can be added to the user's
doas.conf entry. This results in variables like HOME being copied
to the target user, allowing GUI programs to run.
Many thanks to Sander Bos for reporting this issue and explaining
how it can be exploited.
This commit also adds the ability to pass a customized PATH to
target users. The new PATH can be set at compile time in the
Makefile. The default path is provided in the Makefile and commented
out.
2019-08-03 17:39:15 -03:00
Jesse Smith
a8cd6a47ad
Removed unused variable assignment in execvpe.c
2019-07-21 20:13:56 -03:00
Jesse Smith
b96ddd6c3f
Fix format warning from Clang compiler.
2019-07-06 14:23:38 -03:00
Jesse Smith
3a208f47df
Create README.md
2019-06-24 20:22:33 -03:00
Jesse Smith
0e23c8e1cb
Merge branch 'netbsd'
2019-06-24 19:17:59 -03:00
Jesse Smith
1f76dd9515
Enabled doas to compile and run on NetBSD 8.1.
2019-06-24 19:15:03 -03:00
Jesse Smith
64d27e1c8b
Whitespace change
2019-06-24 19:13:28 -03:00
Jesse Smith
fd79e385d7
Minor fixes to avoid compiling error on FreeBSD following Linux fixes.
2019-03-10 19:22:09 -03:00
Jesse Smith
c8cb4d999e
Avoid echoing stdin when output is piped to doas.
...
Fix asprintf() compile warning when building on Linux.
2019-03-10 19:11:40 -03:00
Jesse Smith
fe6d3a342b
Updated doas.c with patch from arthepsy. Fixes -n flag
...
so if a password prompt is required, doas will automatically fail.
2017-10-11 10:32:20 -03:00
Jesse Smith
4bd6c1c178
Fixed issue with port of doas searching the user's full path for
...
commands matching the "cmd" parameter in doas.conf. The path
should be shortened to system-standard paths. This prevents
the user from injecting their own application with a familiar
name in their PATH variable and tricking doas into running it.
2017-09-05 21:40:47 -03:00
Jesse Smith
261c216449
Updated license file.
...
Fixes potential buffer overflow on Linux systems. (Thanks to Duncaen for pointing out the issue.)
2017-02-24 10:46:46 -04:00
Jesse Smith
31f072078a
Merge branch 'katakk-up' Brings us up to speed with OpenBSD 5.9.
2017-02-17 11:25:54 -04:00
Jesse Smith
ce871f82bc
Updated documentation to include -- paramter and to make it clear
...
the persist keyword does not currently work on Linux or FreeBSD.
2017-02-17 11:24:29 -04:00
Jesse Smith
fb1108b586
Merge pull request #10 from tuxillo/patch-2
...
Fix build for DragonFly BSD
2017-02-15 09:23:58 -04:00
Antonio Huete Jimenez
89ef570890
Fix build for DragonFly BSD
...
Until our sys/tree.h gets synced.
2017-02-15 11:33:34 +01:00
katakk
453102110a
Merge, update from OpenBSD
2017-01-24 01:12:56 +09:00
Jesse Smith
a15e6ed35c
Merge pull request #7 from t6/patch-prompt
...
Workaround for issue #3 : hide stdin from openpam_ttyconv
2016-11-09 15:10:51 -04:00
Tobias Kortkamp
7ab94a448a
Restore old behavior on Linux which was broken by the last commit
...
Small change in the Makefile so doas compiles on Ubuntu 16.04
2016-11-03 21:28:20 +01:00
Tobias Kortkamp
dbfba4e976
Workaround for issue #3 : hide stdin from openpam_ttyconv
...
openpam_ttyconv checks if stdin is a terminal and if it is then does
not bother to open /dev/tty. The result is that PAM writes the
password prompt directly to stdout. In scenarios where stdin is a
terminal, but stdout is redirected to a file e.g. by running doas ls
&> ls.out interactively, the password prompt gets written to ls.out as
well. By closing stdin first we forces PAM to read/write to/from the
terminal directly. We restore stdin after authenticating.
Also see https://github.com/freebsd/freebsd/blob/master/contrib/openpam/lib/libpam/openpam_ttyconv.c#L293
2016-11-03 12:04:18 +01:00
Jesse Smith
045f56f088
Merge pull request #6 from t6/patch-login_cap
...
Use setusercontext on FreeBSD
2016-09-24 16:31:25 -03:00
Tobias Kortkamp
08dab0cd9c
Use setusercontext on FreeBSD and get rid of the geteuid/setuid workaround
2016-09-17 02:15:40 +02:00
Jesse Smith
8bec4dcaa6
Fixed bug which prevented the -u flag from switching to
...
the specified user on FreeBSD when the option was permitted
in the doas.conf file.
2016-08-06 17:31:52 -03:00
Jesse
dc0fb3212d
When the user is allowed to run commands without a password (ie nopass has
...
been set in the doas.conf file) then we do not need to redirect a password
prompt to stderr. This patch makes sure output is displayed properly
when the user authenticates with "nopass" set.
2016-07-05 19:45:40 +00:00
Jesse Smith
1a3589f137
Minor clean up of pre-compiler directive that was broken by merge.
2016-06-26 16:40:31 -03:00
Jesse Smith
76f082bed7
cleared up merge errors in doas.c
2016-06-26 16:38:44 -03:00
Jesse Smith
24705b6558
Merge work from branch 'linux'
2016-06-26 16:37:25 -03:00
Jesse Smith
4b32171218
Made sure when running as the effective user root (euid is zero) we actually become
...
uid 0 in order to avoid file system permission errors/restrictions.
2016-06-26 16:24:42 -03:00
Jesse Smith
47b4ab919a
Linux port now compiles and runs. Properly authenticates.
2016-06-26 14:34:33 -03:00
Jesse Smith
304ddb0f5a
Minor update to Linux port.
2016-06-26 14:07:06 -03:00
Jesse Smith
14ea837825
Imported hiding password prompt into Linux branch.
2016-06-26 11:45:58 -03:00
Jesse Smith
cdf69cb5f5
This commit allows doas to compile on Linux. Does not authenticate yet.
2016-06-26 11:41:31 -03:00
Jesse
cef2929df3
Force PAM to display password prompt on stderr instead of stdout. This makes
...
it possible to redirect command output to a file/pipe without including the doas
password prompt in the output.
2016-06-25 18:32:20 +00:00
Jesse Smith
720db72121
Try to bail out if permitted user suppleis incorrect password.
2016-06-24 16:01:35 -03:00
Jesse Smith
f3958f04ad
Added reallocarray.c to Makefile to insure it compiles.
2016-06-24 10:06:43 -03:00
Jesse Smith
5559ab3b42
Merge pull request #1 from t6/reallocarray
...
Import reallocarray implementation from OpenBSD
2016-06-24 09:39:40 -03:00
Tobias Kortkamp
aea70ce4ea
Apply patches from security/doas port
2016-06-24 13:42:00 +02:00
Tobias Kortkamp
0e2179b92e
Simplify Makefile and respect CFLAGS and LDFLAGS from environment
2016-06-24 13:38:10 +02:00
Tobias Kortkamp
64ab988d34
Change realloc() back to reallocarray()
2016-06-24 13:29:08 +02:00
Tobias Kortkamp
ef6ff75f22
Fix reallocarray.c compilation on FreeBSD
2016-06-24 13:25:03 +02:00
Tobias Kortkamp
9183a0bb31
Add lib/libc/stdlib/reallocarray.c from OpenBSD
2016-06-24 13:24:23 +02:00
User Jesse
e6f145622d
Removed unused reallocarr.c file and removed references to it from Makefile.
...
Fixed typo in parse.y which used + instead of * when calculating memory usage.
2016-06-22 22:59:03 +00:00
Jesse Smith
d55af6cdf4
This is the initial port of doas to FreeBSD. It compiles, installs and works.
...
Could probably use a clean-up, but this code is functional on FreeBSD 10.3.
2016-06-22 12:21:34 -03:00
Jesse Smith
cb8d475985
Initial upload from OpenBSD
...
This is the initial upload from OpenBSD. Kept for history and comparision with future releases.
2016-06-22 12:17:53 -03:00
Jesse Smith
de1553d114
Initial commit
2016-06-22 12:16:18 -03:00