
Commit 0a0fd56

committed
Revert "Revert "Implement support for NOEXEC (#1073)""
This reverts commit 58c2df5.
1 parent efea09b commit 0a0fd56


15 files changed

+534
-16
lines changed


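--- a/Cargo.toml
+++ b/Cargo.toml
@@ -29,7 +29,7 @@ name = "visudo"
 path = "bin/visudo.rs"
 
 [dependencies]
-libc = "0.2.149"
+libc = "0.2.152"
 glob = "0.3.0"
 log = { version = "0.4.11", features = ["std"] }
 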

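--- a/src/common/context.rs
+++ b/src/common/context.rs
@@ -31,6 +31,7 @@ pub struct Context {
 pub process: Process,
 // policy
 pub use_pty: bool,
+pub noexec: bool,
 }
 
 #[derive(Clone, Copy, Debug, Default, PartialEq, Eq)]
@@ -93,6 +94,7 @@ impl Context {
 non_interactive: sudo_options.non_interactive,
 process: Process::new(),
 use_pty: true,
+noexec: false,
 })
 }
 
@@ -117,6 +119,7 @@ impl Context {
 non_interactive: sudo_options.non_interactive,
 process: Process::new(),
 use_pty: true,
+noexec: false,
 })
 }
 
@@ -161,6 +164,7 @@ impl Context {
 non_interactive: sudo_options.non_interactive,
 process: Process::new(),
 use_pty: true,
+noexec: false,
 })
 }
 
@@ -179,6 +183,7 @@ impl Context {
 group: &self.target_group,
 
 use_pty: self.use_pty,
+noexec: self.noexec,
 })
 }
 }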

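--- a/src/defaults/mod.rs
+++ b/src/defaults/mod.rs
@@ -36,6 +36,7 @@ defaults! {
 env_editor = true
 rootpw = false
 targetpw = false
+noexec = false
 
 apparmor_profile = None (!= None)
 passwd_tries = 3 [0..=1000]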

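--- a/src/exec/mod.rs
+++ b/src/exec/mod.rs
@@ -1,6 +1,8 @@
 mod event;
 mod io_util;
 mod no_pty;
+#[cfg(target_os = "linux")]
+mod noexec;
 mod use_pty;
 
 use std::{
@@ -24,7 +26,9 @@ use crate::{
 signal::{consts::*, signal_name},
 wait::{Wait, WaitError, WaitOptions},
 },
-system::{kill, set_target_user, signal::SignalNumber, term::UserTerm, Group, User},
+system::{
+kill, set_target_user, signal::SignalNumber, term::UserTerm, FileCloser, Group, User,
+},
 };
 
 use self::{
@@ -43,6 +47,7 @@ pub struct RunOptions<'a> {
 pub group: &'a Group,
 
 pub use_pty: bool,
+pub noexec: bool,
 }
 
 /// Based on `ogsudo`s `exec_pty` function.
@@ -53,6 +58,8 @@ pub fn run_command(
 options: RunOptions<'_>,
 env: impl IntoIterator<Item = (impl AsRef<OsStr>, impl AsRef<OsStr>)>,
 ) -> io::Result<ExitReason> {
+let mut file_closer = FileCloser::new();
+
 // FIXME: should we pipe the stdio streams?
 let qualified_path = options.command;
 let mut command = Command::new(qualified_path);
@@ -74,6 +81,16 @@ pub fn run_command(
 command.arg0(OsStr::from_bytes(&process_name));
 }
 
+if options.noexec {
+#[cfg(target_os = "linux")]
+noexec::add_noexec_filter(&mut command, &mut file_closer);
+
+#[cfg(not(target_os = "linux"))]
+return Err(io::Error::other(
+"NOEXEC is currently only supported on Linux",
+));
+}
+
 // Decide if the pwd should be changed. `--chdir` takes precedence over `-i`.
 let path = options
 .chdir
@@ -108,14 +125,14 @@ pub fn run_command(
 
 if options.use_pty {
 match UserTerm::open() {
-Ok(user_tty) => exec_pty(sudo_pid, command, user_tty),
+Ok(user_tty) => exec_pty(sudo_pid, file_closer, command, user_tty),
 Err(err) => {
 dev_info!("Could not open user's terminal, not allocating a pty: {err}");
-exec_no_pty(sudo_pid, command)
+exec_no_pty(sudo_pid, file_closer, command)
 }
 }
 } else {
-exec_no_pty(sudo_pid, command)
+exec_no_pty(sudo_pid, file_closer, command)
 }
 }
 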
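Review bot: The Linux arm of the new `if options.noexec` block in `run_command` gives no visible way for a filter-setup failure to reach the caller, because `noexec::add_noexec_filter(&mut command, &mut file_closer);` is called as a bare statement. The non-Linux arm does the right thing and returns an error rather than running the command unrestricted. `noexec.rs` is not shown in this section, so it cannot be confirmed from here whether setup can fail or whether a failure aborts the exec. Since NOEXEC is a policy restriction, the contract is worth stating at the call, e.g. `// NOEXEC must fail closed: the command must never start without the filter installed`. Separately, on non-Linux targets `let mut file_closer` is never mutably borrowed and will likely raise `unused_mut`; `#[cfg_attr(not(target_os = "linux"), allow(unused_mut))]` on the binding would silence it.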

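--- a/src/exec/no_pty.rs
+++ b/src/exec/no_pty.rs
@@ -26,7 +26,11 @@ use crate::{
 },
 };
 
-pub(super) fn exec_no_pty(sudo_pid: ProcessId, mut command: Command) -> io::Result<ExitReason> {
+pub(super) fn exec_no_pty(
+sudo_pid: ProcessId,
+mut file_closer: FileCloser,
+mut command: Command,
+) -> io::Result<ExitReason> {
 // FIXME (ogsudo): Initialize the policy plugin's session here.
 
 // Block all the signals until we are done setting up the signal handlers so we don't miss
@@ -39,8 +43,6 @@ pub(super) fn exec_no_pty(sudo_pid: ProcessId, mut command: Command) -> io::Resu
 }
 };
 
-let mut file_closer = FileCloser::new();
-
 // FIXME (ogsudo): Some extra config happens here if selinux is available.
 
 // Use a pipe to get the IO error if `exec` fails.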
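Review bot: The new `file_closer` parameter of `exec_no_pty` has no documentation of what state it may already hold, now that the caller creates it instead of this function. Per the `src/exec/mod.rs` section, `run_command` builds the `FileCloser` and passes it to `noexec::add_noexec_filter` before this call. A doc comment on the function would keep a later refactor from reintroducing the local `FileCloser::new()` and dropping that state. It should say that the closer comes from `run_command`, may already carry state set up by the NOEXEC filter, and must not be replaced with a fresh one. The function body continues outside the hunks shown.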
