Bug
Resolution: Not a Bug
rhel-8.10, rhel-9.4
rhel-security-special-projects
ssg_security
Red Hat Enterprise Linux
x86_64
What were you trying to do that didn't work?
The "dirname $0" command in a script is giving a strange output when a sha256 checksum is added to a sudo rule.
[root@vm251-174 scripts]# cat /scripts/test1
#!/bin/sh
dirname $0
[root@vm251-174 scripts]# cat /scripts/test2
#!/bin/sh
dirname $0
[test@vm251-174 scripts]$ echo $SHELL
/bin/bash
[test@vm251-174 scripts]$ sudo /scripts/test1
/scripts
[test@vm251-174 scripts]$ sudo /scripts/test2
/dev/fd <----------------------------------------- Here the expected output is "/scripts"
Please provide the package NVR for which bug is seen:
sudo-1.9.5p2-1.el8_9.x86_64
sudo-1.9.5p2-10.el9_3.x86_64
How reproducible:
Always, reproducible
Steps to reproduce
[1] Create the following files:
- mkdir /scripts
- echo $'#!/bin/sh \ndirname $0' > /scripts/test1
- echo $'#!/bin/sh \ndirname $0' > /scripts/test2
- chmod a+x /scripts/test1 /scripts/test2
[2] Create a test user:
- useradd test
- passwd test
[3] Add the following lines to sudoers:
- tail -2 /etc/sudoers
test ALL = NOPASSWD: /scripts/test1
test ALL = NOPASSWD: sha256:86395225936899a345cb4bed5b3d0a570dcfcbf5b19488517c53cc24a5bcceb2 /scripts/test2
[4] Execute the /scripts/test1 and /scripts/test2 scripts using sudo:
- su test
$ sudo /scripts/test1
$ sudo /scripts/test2
Expected results
$ sudo /scripts/test1
/scripts
$ sudo /scripts/test2
/dev/fd <----------------------------------------- Here the expected output should be "/scripts"
Actual results
$ sudo /scripts/test1
/scripts
$ sudo /scripts/test2
/dev/fd
Is this expected behavior or a bug?
Is there any scope to change this behavior?
Can sudo replace FD with actual file once validation is done?
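sudo executes a digest-matched command through an open file descriptor (the sudoers `fdexec` setting, default `digest_only`), which is why `$0` is a `/dev/fd/N` path in test2 above. The following is an added example, not part of the report or of sudo, showing how a script can still find its own directory in that case. It assumes Linux with `/proc` mounted and a `readlink` that supports `-f`; the function names `resolve_script_path` and `script_dir` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the report): locate the running script's directory
# even when it was started through a file descriptor, as sudo does for a
# sudoers rule that carries a digest.
# Assumptions: Linux with /proc mounted, readlink -f available, and the
# descriptor still open in this process. Function names are hypothetical.

# resolve_script_path PATH
# Prints the on-disk path behind PATH, which may be a normal path or a
# /dev/fd/N (or /proc/self/fd/N) reference. Returns 1 if it cannot be resolved.
resolve_script_path() {
    # The readlink child inherits the open descriptor, so /dev/fd/N resolves
    # to the name of the file that was opened for execution.
    real=$(readlink -f -- "$1") || return 1

    # A descriptor that refers to a pipe, a socket or an unlinked file
    # ("... (deleted)") resolves to a name that is not a regular file on
    # disk. Refuse it instead of returning a misleading directory.
    [ -f "$real" ] || return 1

    printf '%s\n' "$real"
}

# script_dir PATH
# Prints the directory that contains the script. The result is a name for
# finding sibling files; it says nothing about who can write to that
# directory, so it is not a substitute for the digest check.
script_dir() {
    path=$(resolve_script_path "$1") || return 1
    dirname -- "$path"
}

# Typical use at the top of a script, in place of a bare `dirname $0`:
#   here=$(script_dir "$0") || { echo "cannot locate script" >&2; exit 1; }
```
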