[Sudoscript-devel] Hacking on script(1)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Well, I have proof-of-concept code for a mod to doinput() in the linux
script(1) source. I haven't rigerously analyzed it for buffer offset goofs
or anything else for that matter. But I've compiled it and watched my 
commands
show up in /var/log/secure as I expected. Here's the code:

doinput() {
	register int cc;
	char ibuf[BUFSIZ];
	char logbuf[LOGBUFSIZ];
	char *lbptr;
	register int lc;
	int line_flag;
	lc=-1;
	(void) fclose(fscript);
	(void) openlog( "sudoshell", LOG_PID, LOG_AUTHPRIV);

	while ((cc = read(0, ibuf, BUFSIZ)) > 0) {
	  (void) write(master, ibuf, cc);
	  if (lc+cc >(LOGBUFSIZ-2)){
	    logbuf[lc]=0;
	    lc=-1;
	    (void) syslog(LOG_INFO,"%s",logbuf);
	  }
	  if (ibuf[cc-1]==13) {
	    line_flag=1;
	  } else {
	    line_flag=0;
	  }
	  ibuf[cc]=0;
	  lbptr=&logbuf[lc+1];
	  strncpy(lbptr,ibuf,cc);
	  lc+=cc;
	  if (line_flag){
	    logbuf[lc]=0;
	    (void) syslog(LOG_INFO,"%s",logbuf);
	    lc=-1;
	  }
	}
	done();
}

Howard Owen                        "Even if you are on the right
Nuasis System Administrator         track, you'll get run over if you
ho...@nu...   408-350-4952     just sit there." - Will Rogers