a67eaf
diff -up sudo-1.8.6p7/doc/sudoers.cat.digest_race_doc sudo-1.8.6p7/doc/sudoers.cat
--- sudo-1.8.6p7/doc/sudoers.cat.digest_race_doc 2016-05-11 13:53:51.125141217 +0200
+++ sudo-1.8.6p7/doc/sudoers.cat 2016-05-11 13:56:10.678178899 +0200
@@ -301,13 +301,11 @@ S?SU?UD?DO?OE?ER?RS?S F?FI?IL?LE?E F?FO?
If a command name is prefixed with a Digest_Spec, the command will only
match successfully if it can be verified using the specified SHA-2
- digest. This may be useful in situations where the user invoking s?su?ud?do?o
- has write access to the command or its parent directory. The following
- digest formats are supported: sha224, sha256, sha384 and sha512. The
- string may be specified in either hex or base64 format (base64 is more
- compact). There are several utilities capable of generating SHA-2
- digests in hex format such as openssl, shasum, sha224sum, sha256sum,
- sha384sum, sha512sum.
+ digest. The following digest formats are supported: sha224, sha256,
+ sha384 and sha512. The string may be specified in either hex or base64
+ format (base64 is more compact). There are several utilities capable of
+ generating SHA-2 digests in hex format such as openssl, shasum,
+ sha224sum, sha256sum, sha384sum, sha512sum.
For example, using openssl:
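Review bot: the `+` lines in this hunk are hand-rewrapped preformatted text (e.g. `+ digest. The following digest formats are supported: sha224, sha256,`), but sudoers.cat is the rendered form of sudoers.mdoc.in, so its line breaks and spacing should come from regenerating the file after the mdoc change rather than from a manual edit; otherwise the three copies of this paragraph can drift apart. The deletion itself is the right call: the dropped sentence recommended a Digest_Spec precisely for the case (user with write access to the command or its parent directory) in which the check can be raced.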
@@ -319,6 +317,11 @@ S?SU?UD?DO?OE?ER?RS?S F?FI?IL?LE?E F?FO?
$ openssl dgst -binary -sha224 /bin/ls | openssl base64
EYGH2oNk1JC0p9679IMATo8+BT7JVDCd4sQaJQ==
+ If the user has write access to either the command itself or the
+ directory in which the command is located (directly or via a s?su?ud?do?o
+ command) it may be possible for the user to replace the command after the
+ digest check has been performed but before the command is executed.
+
D?De?ef?fa?au?ul?lt?ts?s
Certain configuration options may be changed from their default values at
run-time via one or more Default_Entry lines. These may affect all users
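Review bot: the added paragraph describes the race (the command can be replaced after the digest check has been performed but before it is executed) and then stops, leaving the administrator with no guidance; add one sentence after it saying that the digest is not a defence against a user who can write to the command or its directory, and that commands matched by a Digest_Spec should therefore live in a directory that only root can write to. As written, a reader who has just lost the sentence removed in the previous hunk is told only when the feature fails, not how to deploy it safely.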
diff -up sudo-1.8.6p7/doc/sudoers.man.in.digest_race_doc sudo-1.8.6p7/doc/sudoers.man.in
--- sudo-1.8.6p7/doc/sudoers.man.in.digest_race_doc 2016-05-11 13:54:01.005002291 +0200
+++ sudo-1.8.6p7/doc/sudoers.man.in 2016-05-11 13:58:28.541240345 +0200
@@ -679,9 +679,6 @@ is prefixed with a
\fRDigest_Spec\fR,
the command will only match successfully if it can be verified
using the specified SHA-2 digest.
-This may be useful in situations where the user invoking
-\fBsudo\fR
-has write access to the command or its parent directory.
The following digest formats are supported: sha224, sha256, sha384 and sha512.
The string may be specified in either hex or base64 format
(base64 is more compact).
@@ -705,6 +702,13 @@ $ openssl dgst -binary -sha224 /bin/ls |
EYGH2oNk1JC0p9679IMATo8+BT7JVDCd4sQaJQ==
.RE
.fi
+.PP
+If the user has write access to either the command itself or the
+directory in which the command is located (directly or via a
+\fBsudo\fR
+command) it may be possible for the user to replace the command
+after the digest check has been performed but before the command
+is executed.
.SS "Defaults"
Certain configuration options may be changed from their default
values at run-time via one or more
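Review bot: "the directory in which the command is located" understates the condition in the new paragraph: write access to any ancestor directory on the command's path also suffices, because the user can rename a path component and put a substitute tree in its place, so the text should say "any directory in the path to the command" (the same wording change applies to the sudoers.mdoc.in and sudoers.cat copies of this paragraph). The `.PP` break and the `\fBsudo\fR` markup match the surrounding paragraphs, so there is no style issue with the insertion itself.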
diff -up sudo-1.8.6p7/doc/sudoers.mdoc.in.digest_race_doc sudo-1.8.6p7/doc/sudoers.mdoc.in
--- sudo-1.8.6p7/doc/sudoers.mdoc.in.digest_race_doc 2016-05-11 13:54:07.749907447 +0200
+++ sudo-1.8.6p7/doc/sudoers.mdoc.in 2016-05-11 13:59:22.263484933 +0200
@@ -655,9 +655,6 @@ is prefixed with a
.Li Digest_Spec ,
the command will only match successfully if it can be verified
using the specified SHA-2 digest.
-This may be useful in situations where the user invoking
-.Nm sudo
-has write access to the command or its parent directory.
The following digest formats are supported: sha224, sha256, sha384 and sha512.
The string may be specified in either hex or base64 format
(base64 is more compact).
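Review bot: this file is the source the sudoers.man.in and sudoers.cat copies are derived from, and removing `This may be useful in situations where the user invoking sudo has write access to the command or its parent directory.` takes away the only sentence that said what a Digest_Spec is for; replace it rather than just delete it, for example with a sentence stating that the digest lets sudo refuse to run a command whose binary differs from the one the digest was computed over, so that the paragraph still states the feature's purpose and not only its mechanism.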
@@ -675,6 +672,13 @@ It is also possible to use openssl to ge
$ openssl dgst -binary -sha224 /bin/ls | openssl base64
EYGH2oNk1JC0p9679IMATo8+BT7JVDCd4sQaJQ==
.Ed
+.Pp
+If the user has write access to either the command itself or the
+directory in which the command is located (directly or via a
+.Nm sudo
+command) it may be possible for the user to replace the command
+after the digest check has been performed but before the command
+is executed.
.Ss Defaults
Certain configuration options may be changed from their default
values at run-time via one or more
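Review bot: the parenthetical `(directly or via a sudo command)` in the new paragraph is the part sudoers authors most need and it is too terse; spell out that a sudoers rule allowing the user to run an editor, a shell, or a file-copying command as root over that path grants the same write access, since that is the case a policy author is most likely to create without noticing. Naming the window as a time-of-check to time-of-use race would also help readers searching for this caveat, as the sequence the text describes (digest check performed, command replaced, command executed) is exactly that pattern.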