Blame SOURCES/sudo-1.8.6p7-closefrom-override-fix.patch

3f2bfe
diff -up sudo-1.8.6p7/plugins/sudoers/sudoers.c.closefrom-override-fix sudo-1.8.6p7/plugins/sudoers/sudoers.c
3f2bfe
--- sudo-1.8.6p7/plugins/sudoers/sudoers.c.closefrom-override-fix	2016-02-15 10:31:11.694164366 +0100
3f2bfe
+++ sudo-1.8.6p7/plugins/sudoers/sudoers.c	2016-02-15 10:33:47.711362062 +0100
3f2bfe
@@ -336,15 +336,6 @@ sudoers_policy_main(int argc, char * con
3f2bfe
         goto bad;
3f2bfe
     }    
3f2bfe
 
3f2bfe
-    /* Check for -C overriding def_closefrom. */
3f2bfe
-    if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
3f2bfe
-	if (!def_closefrom_override) {
3f2bfe
-	    warningx(_("you are not permitted to use the -C option"));
3f2bfe
-	    goto bad;
3f2bfe
-	}
3f2bfe
-	def_closefrom = user_closefrom;
3f2bfe
-    }
3f2bfe
-
3f2bfe
     set_perms(PERM_INITIAL);
3f2bfe
 
3f2bfe
     /* Environment variables specified on the command line. */
3f2bfe
@@ -374,8 +365,17 @@ sudoers_policy_main(int argc, char * con
3f2bfe
     if (ISSET(sudo_mode, MODE_PRESERVE_GROUPS))
3f2bfe
 	def_preserve_groups = true;
3f2bfe
 
3f2bfe
-    /* Find command in path */
3f2bfe
+    /* Find command in path and apply per-command Defaults. */
3f2bfe
     cmnd_status = set_cmnd();
3f2bfe
+ 
3f2bfe
+    /* Check for -C overriding def_closefrom. */
3f2bfe
+    if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
3f2bfe
+	if (!def_closefrom_override) {
3f2bfe
+	    warningx(_("you are not permitted to use the -C option"));
3f2bfe
+	    goto bad;
3f2bfe
+	}
3f2bfe
+	def_closefrom = user_closefrom;
3f2bfe
+    } 
3f2bfe
 
3f2bfe
 #ifdef HAVE_SETLOCALE
3f2bfe
     if (!setlocale(LC_ALL, def_sudoers_locale)) {