mirror of
https://github.com/sudo-project/sudo.git
synced 2025-08-30 13:58:05 +00:00
sudo 1.5.3.
This commit is contained in:
Todd C. Miller
20
CHANGES
20
CHANGES
@@ -826,3 +826,23 @@ Sudo 1.5.1 released.
|
|||||||
255) Attempt at sequent support.
|
255) Attempt at sequent support.
|
||||||
|
|
||||||
Sudo 1.5.2 released.
|
Sudo 1.5.2 released.
|
||||||
|
|
||||||
|
256) visudo acts sanely when there is no sudoers file.
|
||||||
|
|
||||||
|
257) Added Runas_Alias support.
|
||||||
|
|
||||||
|
258) Sudo will now work with SUDOERS_MODE == 400 and SUDO_UID = 0.
|
||||||
|
|
||||||
|
259) Alias's in a runas list are now expanded.
|
||||||
|
|
||||||
|
260) Fixed bug with > 32 saved aliases. Reported by BHH@capgroup.com.
|
||||||
|
|
||||||
|
261) Code that uses sprintf() is now more paraniod about buffer
|
||||||
|
overflows.
|
||||||
|
|
||||||
|
262) Whitespace is now allowed after a line continuation character before
|
||||||
|
a newline in sudoers.
|
||||||
|
|
||||||
|
263) %h in MAILSUBJECT expands to local hostname.
|
||||||
|
|
||||||
|
Sudo 1.5.3 released.
|
||||||
|
|||||||
48
RUNSON
48
RUNSON
@@ -5,43 +5,43 @@ Name Rev Arch Used Version By Options
|
|||||||
======= ======= ======= =============== ======= =============== ===============
|
======= ======= ======= =============== ======= =============== ===============
|
||||||
Auspex 1.6.1 sun4 bundled cc 1.3.4 Alek Komarnitsky none
|
Auspex 1.6.1 sun4 bundled cc 1.3.4 Alek Komarnitsky none
|
||||||
SunOS 4.1.3 sun4 bundled cc 1.4 Todd Miller none
|
SunOS 4.1.3 sun4 bundled cc 1.4 Todd Miller none
|
||||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.2 Todd Miller none
|
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.2 Todd Miller --with-skey
|
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-skey
|
||||||
SunOS 4.1.3 sun4 bundled cc 1.5 Alek Komarnitsky --with-C2
|
SunOS 4.1.3 sun4 bundled cc 1.5 Alek Komarnitsky --with-C2
|
||||||
Solaris 2.5 sun4 gcc2.7.2.1 1.5.2 Todd Miller none
|
Solaris 2.5 sun4 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
Solaris 2.[45] sun4 SC4.0 1.5 Alek Komarnitsky none
|
Solaris 2.[45] sun4 SC4.0 1.5 Alek Komarnitsky none
|
||||||
Solaris 2.5 x86 gcc2.7.2.1 1.5.2 Todd Miller none
|
Solaris 2.5 x86 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
ISC 4.0 i386 bundled cc 1.4 Andy Smith none
|
ISC 4.0 i386 bundled cc 1.4 Andy Smith none
|
||||||
ISC 4.0 i386 gcc2.7.0 1.4 Andy Smith none
|
ISC 4.0 i386 gcc2.7.0 1.4 Andy Smith none
|
||||||
ISC 4.1 i386 bundled cc 1.4 Andy Smith none
|
ISC 4.1 i386 bundled cc 1.4 Andy Smith none
|
||||||
ISC 4.1 i386 gcc2.7.0 1.4 Andy Smith none
|
ISC 4.1 i386 gcc2.7.0 1.4 Andy Smith none
|
||||||
RISCos 4_52 mips bundled cc 1.3.7 Andy Smith --with-getpass
|
RISCos 4_52 mips bundled cc 1.3.7 Andy Smith --with-getpass
|
||||||
SCO 3.2.2 i386 bundled cc 1.3.4 David Meleedy --with-getpass
|
SCO 3.2.2 i386 bundled cc 1.3.4 David Meleedy --with-getpass
|
||||||
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.2 Todd Miller none
|
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||||
HP-UX 9.07 hp700 unbundled cc 1.5 Alek Komarnitsky --with-C2
|
HP-UX 9.07 hp700 unbundled cc 1.5 Alek Komarnitsky --with-C2
|
||||||
HP-UX 9.05 hp700 unbundled cc 1.4 Todd Miller none
|
HP-UX 9.05 hp700 unbundled cc 1.4 Todd Miller none
|
||||||
HP-UX 10.10 hp700 gcc2.7.2.1 1.5.2 Todd Miller --with-skey
|
HP-UX 10.10 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-skey
|
||||||
HP-UX 10.01 hp700 gcc 1.3.7 Jeff Earickson --with-DCE
|
HP-UX 10.01 hp700 gcc 1.3.7 Jeff Earickson --with-DCE
|
||||||
HP-UX 10.01 hp700 cc 1.4.4 David Dill --with-C2
|
HP-UX 10.01 hp700 cc 1.4.4 David Dill --with-C2
|
||||||
Ultrix 4.3 mips bundled cc 1.5 Maria Magnusson none
|
Ultrix 4.3 mips bundled cc 1.5 Maria Magnusson none
|
||||||
Ultrix 4.3 mips gcc2.7.2.1 1.5.2 Todd Miller none
|
Ultrix 4.3 mips gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
Ultrix 4.3 mips gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
Ultrix 4.3 mips gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||||
IRIX 4.05H mips gcc2.6.3 1.5.2 Todd Miller none
|
IRIX 4.05H mips gcc2.6.3 1.5.3 Todd Miller none
|
||||||
IRIX 4.05H mips unbundled cc 1.4 Todd Miller none
|
IRIX 4.05H mips unbundled cc 1.4 Todd Miller none
|
||||||
IRIX 5.3 mips unbundled cc 1.4 Todd Miller none
|
IRIX 5.3 mips unbundled cc 1.4 Todd Miller none
|
||||||
IRIX 5.3 mips gcc2.7.2.1 1.5.2 Todd Miller none
|
IRIX 5.3 mips gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
IRIX 5.3 mips gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
IRIX 5.3 mips gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||||
IRIX 5.3 mips unbundled cc 1.4 Wallace Winfrey --with-C2
|
IRIX 5.3 mips unbundled cc 1.4 Wallace Winfrey --with-C2
|
||||||
IRIX 6.2 mips unbundled cc 1.5 Alek Komarnitsky --with-C2
|
IRIX 6.2 mips unbundled cc 1.5 Alek Komarnitsky --with-C2
|
||||||
NEXTSTEP 2.1 m68k bundled cc 1.3.7 Todd Miller none
|
NEXTSTEP 2.1 m68k bundled cc 1.3.7 Todd Miller none
|
||||||
NEXTSTEP 3.2 m68k bundled cc 1.5.2 Todd Miller none
|
NEXTSTEP 3.2 m68k bundled cc 1.5.3 Todd Miller none
|
||||||
NEXTSTEP 3.2 i386 bundled cc 1.3.2 Jonathan Adams none
|
NEXTSTEP 3.2 i386 bundled cc 1.3.2 Jonathan Adams none
|
||||||
NEXTSTEP 3.3 i386 bundled cc 1.4 Jonathan Adams none
|
NEXTSTEP 3.3 i386 bundled cc 1.4 Jonathan Adams none
|
||||||
DEC UNIX 3.2c alpha bundled cc 1.5.2 Todd Miller none
|
DEC UNIX 3.2c alpha bundled cc 1.5.3 Todd Miller none
|
||||||
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.2 Todd Miller none
|
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.3 Todd Miller none
|
||||||
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||||
DEC UNIX 3.x alpha bundled cc 1.3.4 Tina Yang --with-C2
|
DEC UNIX 3.x alpha bundled cc 1.3.4 Tina Yang --with-C2
|
||||||
AIX 3.2.X rs6000 bundled cc 1.4 Todd Miller none
|
AIX 3.2.X rs6000 bundled cc 1.4 Todd Miller none
|
||||||
AIX 4.1.X rs6000 bundled cc 1.4 Todd Miller none
|
AIX 4.1.X rs6000 bundled cc 1.4 Todd Miller none
|
||||||
@@ -49,8 +49,8 @@ AIX 4.1.3 PowerPC gcc-2.7.0 1.4 Bob Shair none
|
|||||||
BSD 4.3 hp300 gcc2.5.6 1.4 Todd Miller none
|
BSD 4.3 hp300 gcc2.5.6 1.4 Todd Miller none
|
||||||
ConvexOS 9.1 convex bundled cc 1.3.6 Todd Miller none
|
ConvexOS 9.1 convex bundled cc 1.3.6 Todd Miller none
|
||||||
ConvexOS 9.1 convex gcc2.4.5 1.3.6 Todd Miller none
|
ConvexOS 9.1 convex gcc2.4.5 1.3.6 Todd Miller none
|
||||||
BSD/OS 2.1 i386 shlicc 1.5.2 Todd Miller none
|
BSD/OS 2.1 i386 shlicc 1.5.3 Todd Miller none
|
||||||
OpenBSD 2.0 i586 gcc-2.7.2.1 1.5.2 Todd Miller none
|
OpenBSD 2.0 i586 gcc-2.7.2.1 1.5.3 Todd Miller none
|
||||||
FreeBSD 1.1 i386 gcc 1.3.2 Dieter Muller none
|
FreeBSD 1.1 i386 gcc 1.3.2 Dieter Muller none
|
||||||
FreeBSD 2.0.5 i386 gcc 1.3.4 Dieter Muller none
|
FreeBSD 2.0.5 i386 gcc 1.3.4 Dieter Muller none
|
||||||
Linux 1.2.13 i486 gcc-2.7.0 1.4 Michael Forman none
|
Linux 1.2.13 i486 gcc-2.7.0 1.4 Michael Forman none
|
||||||
@@ -70,8 +70,8 @@ If you can verify any of these, please send mail to sudo-bugs@courtesan.com
|
|||||||
Op. System CPU Compilers Sudo Reported Special
|
Op. System CPU Compilers Sudo Reported Special
|
||||||
Name Rev Arch Used Version By Options
|
Name Rev Arch Used Version By Options
|
||||||
======= ======= ======= =============== ======= =============== ===============
|
======= ======= ======= =============== ======= =============== ===============
|
||||||
AIX 3.2.X rs6000 bundled cc 1.5.2 YOUR NAME HERE --with-AFS
|
AIX 3.2.X rs6000 bundled cc 1.5.3 YOUR NAME HERE --with-AFS
|
||||||
ConvexOS 9.1 convex cc or gcc 1.5.2 YOUR NAME HERE --with-C2
|
ConvexOS 9.1 convex cc or gcc 1.5.3 YOUR NAME HERE --with-C2
|
||||||
Ultrix 4.x mips cc or gcc 1.5.2 YOUR NAME HERE --with-C2
|
Ultrix 4.x mips cc or gcc 1.5.3 YOUR NAME HERE --with-C2
|
||||||
IRIX 6.x mips cc or gcc 1.5.2 YOUR NAME HERE --with-C2
|
IRIX 6.x mips cc or gcc 1.5.3 YOUR NAME HERE --with-C2
|
||||||
DYNIX 4.1.3 Sequent bundled cc 1.5.2 YOUR NAME HERE
|
DYNIX 4.1.3 Sequent bundled cc 1.5.3 YOUR NAME HERE
|
||||||
|
|||||||
41
TODO
41
TODO
@@ -9,43 +9,46 @@ TODO list (most will be addressed in the next rewrite)
|
|||||||
|
|
||||||
04) Make the sudoers file accessible via NIS, Hesiod, and maybe NetInfo.
|
04) Make the sudoers file accessible via NIS, Hesiod, and maybe NetInfo.
|
||||||
|
|
||||||
05) Add a %h field to MAILSUBJECT for the hostname.
|
05) Add a -h (?) flag to sudo for a history mechanism.
|
||||||
|
|
||||||
06) Add a -h (?) flag to sudo for a history mechanism.
|
06) Make parse.lex in the same coding style as everything else...
|
||||||
|
|
||||||
07) Make parse.lex in the same coding style as everything else...
|
07) Add an option to hard-code LD_LIBRARY_PATH?
|
||||||
|
|
||||||
08) Add an option to hard-code LD_LIBRARY_PATH?
|
08) Add Prog_Alias facility (Prog_Alias VI = /usr/secure/bin/vi +args).
|
||||||
|
|
||||||
09) Add Prog_Alias facility (Prog_Alias VI = /usr/secure/bin/vi +args).
|
09) Make '!' work in Cmnd_Alias, Host_Alias, User_Alias and runas list.
|
||||||
|
|
||||||
10) Make '!' work in Cmnd_Alias, Host_Alias, User_Alias and runas list.
|
10) check for <net/errno.h> in configure and include it in sudo.c if it exists.
|
||||||
|
|
||||||
11) check for <net/errno.h> in configure and include it in sudo.c if it exists.
|
11) Add generic STREAMS support for getting interfaces and netmasks.
|
||||||
|
|
||||||
12) Add generic STREAMS support for getting interfaces and netmasks.
|
12) Do shadow password detection at runtime like sunos' issecure(3)???
|
||||||
|
|
||||||
13) Do shadow password detection at runtime like sunos' issecure(3)???
|
|
||||||
If so then start using GLOBAL_NO_SPW_ENT again (but rename it).
|
If so then start using GLOBAL_NO_SPW_ENT again (but rename it).
|
||||||
|
|
||||||
14) Do all the envariable additions in one fell swoop for efficiency and speed.
|
13) Do all the envariable additions in one fell swoop for efficiency and speed.
|
||||||
|
|
||||||
15) Catch/ignore signals in sudo?
|
14) Catch/ignore signals in sudo?
|
||||||
|
|
||||||
16) Make -p work with -v and -l in any order.
|
15) Make -p work with -v and -l in any order.
|
||||||
|
|
||||||
17) Add support for "safe scripts" by checking for shell script
|
16) Add support for "safe scripts" by checking for shell script
|
||||||
cookie (first two bytes are "#!") and execing the shell outselves
|
cookie (first two bytes are "#!") and execing the shell outselves
|
||||||
after doing the stat to guard against spoofing. This should avoid
|
after doing the stat to guard against spoofing. This should avoid
|
||||||
the race condition caused by going through namei() twice...
|
the race condition caused by going through namei() twice...
|
||||||
|
|
||||||
18) Sudo should not allow someone with a nil password to run commands.
|
17) Sudo should not allow someone with a nil password to run commands.
|
||||||
|
|
||||||
19) Overhaul testsudoers to use parse.o so we don't reimplement things.
|
18) Overhaul testsudoers to use parse.o so we don't reimplement things.
|
||||||
|
|
||||||
20) Make runas_user a struct "runas" with user and group components.
|
19) Make runas_user a struct "runas" with user and group components.
|
||||||
(make uid and gid too???)
|
(make uid and gid too???)
|
||||||
|
|
||||||
21) Add -g group/gid option.
|
20) Add -g group/gid option.
|
||||||
|
|
||||||
22) Make `sudo -l' output prettier.
|
21) Make `sudo -l' output prettier.
|
||||||
|
|
||||||
|
22) Should be able to mix Cmnd_Alias's and command args. Ie:
|
||||||
|
pete ALL=PASSWD [A-z]*,!PASSWD root
|
||||||
|
where PASSWD was defined to be /usr/bin/passwd.
|
||||||
|
This requires the arg parsing to happen in the yacc grammer.
|
||||||
|
|||||||
Reference in New Issue
Block a user