mirror of
https://github.com/sudo-project/sudo.git
synced 2025-08-30 13:58:05 +00:00
sudo 1.5.3.
This commit is contained in:
Todd C. Miller
20
CHANGES
20
CHANGES
@@ -826,3 +826,23 @@ Sudo 1.5.1 released.
|
||||
255) Attempt at sequent support.
|
||||
|
||||
Sudo 1.5.2 released.
|
||||
|
||||
256) visudo acts sanely when there is no sudoers file.
|
||||
|
||||
257) Added Runas_Alias support.
|
||||
|
||||
258) Sudo will now work with SUDOERS_MODE == 400 and SUDO_UID = 0.
|
||||
|
||||
259) Alias's in a runas list are now expanded.
|
||||
|
||||
260) Fixed bug with > 32 saved aliases. Reported by BHH@capgroup.com.
|
||||
|
||||
261) Code that uses sprintf() is now more paraniod about buffer
|
||||
overflows.
|
||||
|
||||
262) Whitespace is now allowed after a line continuation character before
|
||||
a newline in sudoers.
|
||||
|
||||
263) %h in MAILSUBJECT expands to local hostname.
|
||||
|
||||
Sudo 1.5.3 released.
|
||||
|
||||
48
RUNSON
48
RUNSON
@@ -5,43 +5,43 @@ Name Rev Arch Used Version By Options
|
||||
======= ======= ======= =============== ======= =============== ===============
|
||||
Auspex 1.6.1 sun4 bundled cc 1.3.4 Alek Komarnitsky none
|
||||
SunOS 4.1.3 sun4 bundled cc 1.4 Todd Miller none
|
||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.2 Todd Miller --with-skey
|
||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-skey
|
||||
SunOS 4.1.3 sun4 bundled cc 1.5 Alek Komarnitsky --with-C2
|
||||
Solaris 2.5 sun4 gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
Solaris 2.5 sun4 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
Solaris 2.[45] sun4 SC4.0 1.5 Alek Komarnitsky none
|
||||
Solaris 2.5 x86 gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
Solaris 2.5 x86 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
ISC 4.0 i386 bundled cc 1.4 Andy Smith none
|
||||
ISC 4.0 i386 gcc2.7.0 1.4 Andy Smith none
|
||||
ISC 4.1 i386 bundled cc 1.4 Andy Smith none
|
||||
ISC 4.1 i386 gcc2.7.0 1.4 Andy Smith none
|
||||
RISCos 4_52 mips bundled cc 1.3.7 Andy Smith --with-getpass
|
||||
SCO 3.2.2 i386 bundled cc 1.3.4 David Meleedy --with-getpass
|
||||
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
||||
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||
HP-UX 9.07 hp700 unbundled cc 1.5 Alek Komarnitsky --with-C2
|
||||
HP-UX 9.05 hp700 unbundled cc 1.4 Todd Miller none
|
||||
HP-UX 10.10 hp700 gcc2.7.2.1 1.5.2 Todd Miller --with-skey
|
||||
HP-UX 10.10 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-skey
|
||||
HP-UX 10.01 hp700 gcc 1.3.7 Jeff Earickson --with-DCE
|
||||
HP-UX 10.01 hp700 cc 1.4.4 David Dill --with-C2
|
||||
Ultrix 4.3 mips bundled cc 1.5 Maria Magnusson none
|
||||
Ultrix 4.3 mips gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
Ultrix 4.3 mips gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
||||
IRIX 4.05H mips gcc2.6.3 1.5.2 Todd Miller none
|
||||
Ultrix 4.3 mips gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
Ultrix 4.3 mips gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||
IRIX 4.05H mips gcc2.6.3 1.5.3 Todd Miller none
|
||||
IRIX 4.05H mips unbundled cc 1.4 Todd Miller none
|
||||
IRIX 5.3 mips unbundled cc 1.4 Todd Miller none
|
||||
IRIX 5.3 mips gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
IRIX 5.3 mips gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
||||
IRIX 5.3 mips gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
IRIX 5.3 mips gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||
IRIX 5.3 mips unbundled cc 1.4 Wallace Winfrey --with-C2
|
||||
IRIX 6.2 mips unbundled cc 1.5 Alek Komarnitsky --with-C2
|
||||
NEXTSTEP 2.1 m68k bundled cc 1.3.7 Todd Miller none
|
||||
NEXTSTEP 3.2 m68k bundled cc 1.5.2 Todd Miller none
|
||||
NEXTSTEP 3.2 m68k bundled cc 1.5.3 Todd Miller none
|
||||
NEXTSTEP 3.2 i386 bundled cc 1.3.2 Jonathan Adams none
|
||||
NEXTSTEP 3.3 i386 bundled cc 1.4 Jonathan Adams none
|
||||
DEC UNIX 3.2c alpha bundled cc 1.5.2 Todd Miller none
|
||||
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.2 Todd Miller none
|
||||
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.2 Todd Miller --with-kerb4
|
||||
DEC UNIX 3.2c alpha bundled cc 1.5.3 Todd Miller none
|
||||
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.3 Todd Miller none
|
||||
DEC UNIX 4.0 alpha gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
|
||||
DEC UNIX 3.x alpha bundled cc 1.3.4 Tina Yang --with-C2
|
||||
AIX 3.2.X rs6000 bundled cc 1.4 Todd Miller none
|
||||
AIX 4.1.X rs6000 bundled cc 1.4 Todd Miller none
|
||||
@@ -49,8 +49,8 @@ AIX 4.1.3 PowerPC gcc-2.7.0 1.4 Bob Shair none
|
||||
BSD 4.3 hp300 gcc2.5.6 1.4 Todd Miller none
|
||||
ConvexOS 9.1 convex bundled cc 1.3.6 Todd Miller none
|
||||
ConvexOS 9.1 convex gcc2.4.5 1.3.6 Todd Miller none
|
||||
BSD/OS 2.1 i386 shlicc 1.5.2 Todd Miller none
|
||||
OpenBSD 2.0 i586 gcc-2.7.2.1 1.5.2 Todd Miller none
|
||||
BSD/OS 2.1 i386 shlicc 1.5.3 Todd Miller none
|
||||
OpenBSD 2.0 i586 gcc-2.7.2.1 1.5.3 Todd Miller none
|
||||
FreeBSD 1.1 i386 gcc 1.3.2 Dieter Muller none
|
||||
FreeBSD 2.0.5 i386 gcc 1.3.4 Dieter Muller none
|
||||
Linux 1.2.13 i486 gcc-2.7.0 1.4 Michael Forman none
|
||||
@@ -70,8 +70,8 @@ If you can verify any of these, please send mail to sudo-bugs@courtesan.com
|
||||
Op. System CPU Compilers Sudo Reported Special
|
||||
Name Rev Arch Used Version By Options
|
||||
======= ======= ======= =============== ======= =============== ===============
|
||||
AIX 3.2.X rs6000 bundled cc 1.5.2 YOUR NAME HERE --with-AFS
|
||||
ConvexOS 9.1 convex cc or gcc 1.5.2 YOUR NAME HERE --with-C2
|
||||
Ultrix 4.x mips cc or gcc 1.5.2 YOUR NAME HERE --with-C2
|
||||
IRIX 6.x mips cc or gcc 1.5.2 YOUR NAME HERE --with-C2
|
||||
DYNIX 4.1.3 Sequent bundled cc 1.5.2 YOUR NAME HERE
|
||||
AIX 3.2.X rs6000 bundled cc 1.5.3 YOUR NAME HERE --with-AFS
|
||||
ConvexOS 9.1 convex cc or gcc 1.5.3 YOUR NAME HERE --with-C2
|
||||
Ultrix 4.x mips cc or gcc 1.5.3 YOUR NAME HERE --with-C2
|
||||
IRIX 6.x mips cc or gcc 1.5.3 YOUR NAME HERE --with-C2
|
||||
DYNIX 4.1.3 Sequent bundled cc 1.5.3 YOUR NAME HERE
|
||||
|
||||
41
TODO
41
TODO
@@ -9,43 +9,46 @@ TODO list (most will be addressed in the next rewrite)
|
||||
|
||||
04) Make the sudoers file accessible via NIS, Hesiod, and maybe NetInfo.
|
||||
|
||||
05) Add a %h field to MAILSUBJECT for the hostname.
|
||||
05) Add a -h (?) flag to sudo for a history mechanism.
|
||||
|
||||
06) Add a -h (?) flag to sudo for a history mechanism.
|
||||
06) Make parse.lex in the same coding style as everything else...
|
||||
|
||||
07) Make parse.lex in the same coding style as everything else...
|
||||
07) Add an option to hard-code LD_LIBRARY_PATH?
|
||||
|
||||
08) Add an option to hard-code LD_LIBRARY_PATH?
|
||||
08) Add Prog_Alias facility (Prog_Alias VI = /usr/secure/bin/vi +args).
|
||||
|
||||
09) Add Prog_Alias facility (Prog_Alias VI = /usr/secure/bin/vi +args).
|
||||
09) Make '!' work in Cmnd_Alias, Host_Alias, User_Alias and runas list.
|
||||
|
||||
10) Make '!' work in Cmnd_Alias, Host_Alias, User_Alias and runas list.
|
||||
10) check for <net/errno.h> in configure and include it in sudo.c if it exists.
|
||||
|
||||
11) check for <net/errno.h> in configure and include it in sudo.c if it exists.
|
||||
11) Add generic STREAMS support for getting interfaces and netmasks.
|
||||
|
||||
12) Add generic STREAMS support for getting interfaces and netmasks.
|
||||
|
||||
13) Do shadow password detection at runtime like sunos' issecure(3)???
|
||||
12) Do shadow password detection at runtime like sunos' issecure(3)???
|
||||
If so then start using GLOBAL_NO_SPW_ENT again (but rename it).
|
||||
|
||||
14) Do all the envariable additions in one fell swoop for efficiency and speed.
|
||||
13) Do all the envariable additions in one fell swoop for efficiency and speed.
|
||||
|
||||
15) Catch/ignore signals in sudo?
|
||||
14) Catch/ignore signals in sudo?
|
||||
|
||||
16) Make -p work with -v and -l in any order.
|
||||
15) Make -p work with -v and -l in any order.
|
||||
|
||||
17) Add support for "safe scripts" by checking for shell script
|
||||
16) Add support for "safe scripts" by checking for shell script
|
||||
cookie (first two bytes are "#!") and execing the shell outselves
|
||||
after doing the stat to guard against spoofing. This should avoid
|
||||
the race condition caused by going through namei() twice...
|
||||
|
||||
18) Sudo should not allow someone with a nil password to run commands.
|
||||
17) Sudo should not allow someone with a nil password to run commands.
|
||||
|
||||
19) Overhaul testsudoers to use parse.o so we don't reimplement things.
|
||||
18) Overhaul testsudoers to use parse.o so we don't reimplement things.
|
||||
|
||||
20) Make runas_user a struct "runas" with user and group components.
|
||||
19) Make runas_user a struct "runas" with user and group components.
|
||||
(make uid and gid too???)
|
||||
|
||||
21) Add -g group/gid option.
|
||||
20) Add -g group/gid option.
|
||||
|
||||
22) Make `sudo -l' output prettier.
|
||||
21) Make `sudo -l' output prettier.
|
||||
|
||||
22) Should be able to mix Cmnd_Alias's and command args. Ie:
|
||||
pete ALL=PASSWD [A-z]*,!PASSWD root
|
||||
where PASSWD was defined to be /usr/bin/passwd.
|
||||
This requires the arg parsing to happen in the yacc grammer.
|
||||
|
||||
Reference in New Issue
Block a user