Be very clear that the password required is the user's not root's

2025-08-30 05:48:18 +00:00 · 1999-11-23 05:43:16 +00:00 · 1999-11-23 05:43:16 +00:00 · 1f0fa1814b
commit 1f0fa1814b
parent c977b43ca6
4 changed files with 57 additions and 43 deletions
--- a/sudo.cat
+++ b/sudo.cat
@ -17,7 +17,12 @@ DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN
       file.  The real and effective uid and gid are set to match
       those of the target user as specified in the passwd file
       (the group vector is also initialized when the target user
-       is not root).
+       is not root).  By default, ssssuuuuddddoooo requires that users
+       authenticate themselves with a password (NOTE: this is the
+       user's password, not the root password).  Once a user has
+       been authenticated, a timestamp is updated and the user
+       may then use sudo without a password for a short period of
+       time (five minutes by default).

       ssssuuuuddddoooo determines who is an authorized user by consulting
       the file _/_e_t_c_/_s_u_d_o_e_r_s.  By giving ssssuuuuddddoooo the -v flag a user
@ -53,15 +58,10 @@ OOOOPPPPTTTTIIIIOOOONNNNSSSS
           with a short description for each.  This option is
           useful in conjunction with _g_r_e_p(1).

-       -h  The -h (_h_e_l_p) option causes ssssuuuuddddoooo to print a usage
-           message and exit.
-
-       -v  If given the -v (_v_a_l_i_d_a_t_e) option, ssssuuuuddddoooo will update
-           the user's timestamp, prompting for the user's



-15/Nov/1999                    1.6                              1
+22/Nov/1999                    1.6                              1



@ -70,6 +70,11 @@ OOOOPPPPTTTTIIIIOOOONNNNSSSS
 sudo(8)                MAINTENANCE COMMANDS               sudo(8)


+       -h  The -h (_h_e_l_p) option causes ssssuuuuddddoooo to print a usage
+           message and exit.
+
+       -v  If given the -v (_v_a_l_i_d_a_t_e) option, ssssuuuuddddoooo will update
+           the user's timestamp, prompting for the user's
           password if necessary.  This extends the ssssuuuuddddoooo timeout
           to for another N minutes (where N is defined at
           installation time and defaults to 5 minutes) but does
@ -119,15 +124,10 @@ RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEES
       configuration/permission problem or if ssssuuuuddddoooo cannot execute
       the given command.  In the latter case the error string is
       printed to stderr.  If ssssuuuuddddoooo cannot _s_t_a_t(2) one or more
-       entries in the user's PATH an error is printed on stderr.
-       (If the directory does not exist or if it is not really a
-       directory, the entry is ignored and no error is printed.)
-       This should not happen under normal circumstances.  The
-       most common reason for _s_t_a_t(2) to return "permission



-15/Nov/1999                    1.6                              2
+22/Nov/1999                    1.6                              2



@ -136,6 +136,11 @@ RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEES
 sudo(8)                MAINTENANCE COMMANDS               sudo(8)


+       entries in the user's PATH an error is printed on stderr.
+       (If the directory does not exist or if it is not really a
+       directory, the entry is ignored and no error is printed.)
+       This should not happen under normal circumstances.  The
+       most common reason for _s_t_a_t(2) to return "permission
       denied" is if you are running an automounter and one of
       the directories in your PATH is on a machine that is
       currently unreachable.
@ -185,15 +190,10 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE

       ssssuuuuddddoooo will not honor timestamps set far in the future.
       Timestamps with a date greater than current_time + 2 *
-       TIMEOUT will be ignored and sudo will log and complain.
-       This is done to keep a user from creating his/her own
-       timestamp with a bogus date on system that allow users to
-       give away files.



-
-15/Nov/1999                    1.6                              3
+22/Nov/1999                    1.6                              3



@ -202,6 +202,11 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE
 sudo(8)                MAINTENANCE COMMANDS               sudo(8)


+       TIMEOUT will be ignored and sudo will log and complain.
+       This is done to keep a user from creating his/her own
+       timestamp with a bogus date on system that allow users to
+       give away files.
+
 EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS
       Note: the following examples assume suitable _s_u_d_o_e_r_s(5)
       entries.
@ -250,16 +255,11 @@ EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT


 FFFFIIIILLLLEEEESSSS
-        /etc/sudoers           List of who can run what
-        /var/run/sudo          Directory containing timestamps
-
-       ssssuuuuddddoooo utilizes the following environment variables:




-
-15/Nov/1999                    1.6                              4
+22/Nov/1999                    1.6                              4



@ -268,6 +268,11 @@ FFFFIIIILLLLEEEESSSS
 sudo(8)                MAINTENANCE COMMANDS               sudo(8)


+        /etc/sudoers           List of who can run what
+        /var/run/sudo          Directory containing timestamps
+
+       ssssuuuuddddoooo utilizes the following environment variables:
+
        PATH                   Set to a sane value if SECURE_PATH is set
        SHELL                  Used to determine shell to run with -s option
        USER                   Set to the target user (root unless the -u option
@ -317,15 +322,10 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS

       If users have sudo ALL there is nothing to prevent them
       from creating their own program that gives them a root
-       shell regardless of any '!'  elements in the user
-       specification.
-
-       Running shell scripts via ssssuuuuddddoooo can expose the same kernel
-       bugs that make setuid shell scripts unsafe on some



-15/Nov/1999                    1.6                              5
+22/Nov/1999                    1.6                              5



@ -334,6 +334,11 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS
 sudo(8)                MAINTENANCE COMMANDS               sudo(8)


+       shell regardless of any '!'  elements in the user
+       specification.
+
+       Running shell scripts via ssssuuuuddddoooo can expose the same kernel
+       bugs that make setuid shell scripts unsafe on some
       operating systems (if your OS supports the /dev/fd/
       directory, setuid shell scripts are generally safe).

@ -386,11 +391,6 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO



-
-
-
-
-
-15/Nov/1999                    1.6                              6
+22/Nov/1999                    1.6                              6


--- a/sudo.html
+++ b/sudo.html
@ -50,7 +50,11 @@ sudo - execute a command as another user
 <STRONG>sudo</STRONG> allows a permitted user to execute a <EM>command</EM> as the superuser or another user, as specified in the sudoers file. The
 real and effective uid and gid are set to match those of the target user as
 specified in the passwd file (the group vector is also initialized when the
-target user is not root).
+target user is not root). By default, <STRONG>sudo</STRONG>
+requires that users authenticate themselves with a password (NOTE: this is
+the user's password, not the root password). Once a user has been
+authenticated, a timestamp is updated and the user may then use sudo
+without a password for a short period of time (five minutes by default).

 <P>
 <STRONG>sudo</STRONG> determines who is an authorized user by consulting the file <EM>/etc/sudoers</EM>. By giving <STRONG>sudo</STRONG> the <CODE>-v</CODE> flag a user can update the time stamp without running a <EM>command.</EM>
--- a/sudo.man
+++ b/sudo.man
@ -2,8 +2,8 @@
 ''' $RCSfile$$Revision$$Date$
 '''
 ''' $Log$
-''' Revision 1.39  1999/11/16 05:42:28  millert
-''' get rid of references to sudo-bugs.  Now mention the web site or the sudo@ alias
+''' Revision 1.40  1999/11/23 05:43:16  millert
+''' Be very clear that the password required is the user's not root's
 '''
 '''
 .de Sh
@ -96,7 +96,7 @@
 .nr % 0
 .rr F
 .\}
-.TH sudo 8 "1.6" "15/Nov/1999" "MAINTENANCE COMMANDS"
+.TH sudo 8 "1.6" "22/Nov/1999" "MAINTENANCE COMMANDS"
 .UC
 .if n .hy 0
 .if n .na
@ -200,7 +200,12 @@ sudo \- execute a command as another user
 superuser or another user, as specified in the sudoers file.  The
 real and effective uid and gid are set to match those of the target
 user as specified in the passwd file (the group vector is also
-initialized when the target user is not root).
+initialized when the target user is not root).  By default, \fBsudo\fR
+requires that users authenticate themselves with a password
+(NOTE: this is the user's password, not the root password).  Once
+a user has been authenticated, a timestamp is updated and the
+user may then use sudo without a password for a short period of time
+(five minutes by default).
 .PP
 \fBsudo\fR determines who is an authorized user by consulting the
 file \fI/etc/sudoers\fR.  By giving \fBsudo\fR the \f(CW-v\fR flag a user
--- a/sudo.pod
+++ b/sudo.pod
@ -50,7 +50,12 @@ B<sudo> allows a permitted user to execute a I<command> as the
 superuser or another user, as specified in the sudoers file.  The
 real and effective uid and gid are set to match those of the target
 user as specified in the passwd file (the group vector is also
-initialized when the target user is not root).
+initialized when the target user is not root).  By default, B<sudo>
+requires that users authenticate themselves with a password
+(NOTE: this is the user's password, not the root password).  Once
+a user has been authenticated, a timestamp is updated and the
+user may then use sudo without a password for a short period of time
+(five minutes by default).

 B<sudo> determines who is an authorized user by consulting the
 file F</etc/sudoers>.  By giving B<sudo> the C<-v> flag a user