Subject: pkg/28998: security/sudo: sudoedit not working for non-root users
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <jukka@salmi.ch>
List: pkgsrc-bugs
Date: 01/18/2005 12:06:00
>Number:         28998
>Category:       pkg
>Synopsis:       security/sudo: sudoedit not working for non-root users
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 18 12:06:00 +0000 2005
>Originator:     jukka@salmi.ch
>Release:        NetBSD 2.0
>Environment:
System: NetBSD bart.stasoft.ch 2.0 NetBSD 2.0 (GENERIC) #0: Mon Nov 29 17:05:06 CET 2004 build@bart.stasoft.ch:/build/nbsd/i386/sys/arch/i386/compile/GENERIC i386
Architecture: i386
Machine: i386
>Description:
sudoedit (or 'sudo -e') is not working properly: the temporary file created
by sudoedit is owned by root and has mode 0600; it should be owned by the
user invoking sudoedit.
>How-To-Repeat:
$ id
uid=1001(jukka) gid=1001(jukka) groups=1001(jukka),0(wheel),5(operator)
$ sudoedit file
+=+=+=+=+=+=+=+
Error: /var/tmp/file.024736aa: Permission denied.
/var/tmp/file.024736aa: unmodified, readonly: line 1
Press any key to continue: 
:!ls -l /var/tmp/file.024736aa
-rw-------  1 root  wheel  0 Jan  1  1970 /var/tmp/file.024736aa
Press any key to continue [: to enter more ex commands]: 
:q
>Fix:
As a workaround, I removed the --disable-setreuid configure option from
pkgsrc/security/sudo/Makefile and rebuilt; this made sudoedit work as
expected.