trifectatechfoundation / sudo-rs

A memory safe implementation of sudo and su.
Other
2.9k stars 79 forks source link

PAM behaviour differs between Linux/FreeBSD, causing `fork`-unsafety on BSD #888

Open squell opened 1 week ago

squell commented 1 week ago

Potential steps to reproduce:

On Linux PAM will ask the user to authenticate even when the user wants to run su to become itself. On FreeBSD PAM will allow su to be used without authentication when the target is the same as the calling user. I'm not sure how to configure Linux PAM to get the FreeBSD behavior in a test.

The problem is that this behaviour causes sudo to return after having forked, closing file descriptors that have already been closed, etc.

See the linked PR.

bjorn3 commented 1 week ago

Any error between close_the_universe and exec would have this problem. The exact repro I mentioned is just one of the ways this can theoretically happen.