/* Check whether the user is in the admin group. */
if (!user_in_group(sudo_user.pw, "admin") && !user_in_group(sudo_user.pw, "sudo")) debug_return_int(true);
and then user_in_group calls:
if ((grlist = sudo_get_grlist(pw)) != NULL) {
if "admin" == pw->pw_gid: matched = 1, goto done.
(gdb) print sudo_user->pw->pw_gid
$5 = 7241
Not the case.
/*
* Next check the supplementary group vector.
* It usually includes the password db group too.
*/
for (i = 0; i < grlist->ngroups; i++) {
if (strcasecmp(group, grlist->groups[i]) == 0) { matched = true;
goto done;
}
}
(2)
Going back to backtrace we have:
mode_run -> policy_check -> sudoers_policy_main - >create_ admin_success_ flag -> user_in_group (global sudo_user)
/* Check whether the user is in the admin group. */ in_group( sudo_user. pw, "admin") &&
!user_in_ group(sudo_ user.pw, "sudo"))
debug_return_ int(true) ;
if (!user_
and then user_in_group calls:
if ((grlist = sudo_get_ grlist( pw)) != NULL) {
if "admin" == pw->pw_gid: matched = 1, goto done.
(gdb) print sudo_user- >pw->pw_ gid
$5 = 7241
Not the case.
/*
* Next check the supplementary group vector.
* It usually includes the password db group too.
*/
for (i = 0; i < grlist->ngroups; i++) {
matched = true;
if (strcasecmp(group, grlist->groups[i]) == 0) {
goto done;
}
}
(gdb) frame 1 entry=0x7fa01c0 b14c4 "admin") sudo-g3ghsu/ sudo-1. 8.16/plugins/ sudoers/ pwutil. c:842 pw->pw_ gid)) != NULL) {
#1 0x00007fa01c0a7ab1 in user_in_group (pw=0x56174c050ca8, group=group@
at /build/
842 if ((grp = sudo_getgrgid(
(gdb) print grlist->ngroups
$6 = 1
(gdb) print grlist->groups[0]
$7 = 0x56174c050d7f "sudo"
This should have gone to "done" because it is "sudo".
But we are checking for "admin":
(gdb) print group
$12 = 0x7fa01c0b14c4 "admin"
In both cases it should have finished and not continued. If it continued, it would go to “PROBLEM" (comment #6)