From ce521ed2e2ba0eb414b07b1a6324b8ab0c864916 Mon Sep 17 00:00:00 2001 From: heat-wave Date: Thu, 8 Apr 2021 14:28:55 +0100 Subject: [PATCH] Validate user-supplied sudo alternative (in name only) --- tomb | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tomb b/tomb index 51833bb..5a89111 100755 --- a/tomb +++ b/tomb @@ -113,7 +113,15 @@ export TEXTDOMAIN=tomb # Wrap sudo with a more visible message or apply user-supplied alternative to sudo _sudo() { if option_is_set --sudo; then - $(option_value --sudo) ${@}; + case `basename $(option_value --sudo)` in + "doas") + $(option_value --sudo) ${@} + ;; + *) + _failure "Only doas is supported as sudo alternative" + ;; + esac + else local msg="[sudo] Enter password for user ::1 user:: to gain superuser privileges" command -v gettext 1>/dev/null 2>/dev/null && msg="$(gettext -s "$msg")"