mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Make ignore_dot the default

Browse Source 
Add --disable-ignore-dot to disable it and deprecate --with-ignore-dot.
This commit is contained in:
Todd C. Miller 2025-03-08 08:34:11 -07:00
parent ff3c2185f1
commit fce45b2767
5 changed files with 54 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
INSTALL.md
View File

@ -736,6 +736,14 @@ Defaults are listed in brackets after the description.
of the "env_reset" Defaults option in sudoers to false. of the "env_reset" Defaults option in sudoers to false.
Sudoers option: !env_reset Sudoers option: !env_reset
--disable-ignore-dot
By default, sudo will not search for a command in the current
working directory, even if "." or "" in present in the PATH
environment variable. If this option is disabled, sudo
will check the current directory last if it appears anywhere
in PATH. The PATH variable itself is not modified.
Sudoers option: ignore_dot
--disable-path-info --disable-path-info
Normally, sudo will tell the user when a command could not be found Normally, sudo will tell the user when a command could not be found
in their $PATH. Some sites may wish to disable this as it could in their $PATH. Some sites may wish to disable this as it could
@ -876,11 +884,6 @@ Defaults are listed in brackets after the description.
You must either specify --with-insults or enable insults in the You must either specify --with-insults or enable insults in the
sudoers file for this to have any effect. sudoers file for this to have any effect.
--with-ignore-dot
If set, sudo will ignore "." or "" (current dir) in $PATH.
The $PATH itself is not modified.
Sudoers option: ignore_dot
--with-insults --with-insults
Define this if you want to be insulted by default for typing Define this if you want to be insulted by default for typing
an incorrect password just like the original sudo(8). an incorrect password just like the original sudo(8).

6
config.h.in
View File

@ -6,6 +6,9 @@
/* Configure script arguments used to build sudo. */ /* Configure script arguments used to build sudo. */
#undef CONFIGURE_ARGS #undef CONFIGURE_ARGS
/* Define to 1 if you want sudo to honor '.' and "" in the PATH. */
#undef ALLOW_DOT_PATH
/* Define to 1 if you want the insults from the "classic" version sudo. */ /* Define to 1 if you want the insults from the "classic" version sudo. */
#undef CLASSIC_INSULTS #undef CLASSIC_INSULTS
@ -1138,9 +1141,6 @@
/* Define to 1 if you want the hostname to be entered into the log file. */ /* Define to 1 if you want the hostname to be entered into the log file. */
#undef HOST_IN_LOG #undef HOST_IN_LOG
/* Define to 1 if you want to ignore '.' and empty PATH elements. */
#undef IGNORE_DOT_PATH
/* The message given when a bad password is entered. */ /* The message given when a bad password is entered. */
#undef INCORRECT_PASSWORD #undef INCORRECT_PASSWORD

41
configure vendored
View File

@ -1025,6 +1025,7 @@ enable_noargs_shell
enable_shell_sets_home enable_shell_sets_home
enable_path_info enable_path_info
enable_env_debug enable_env_debug
enable_ignore_dot
enable_postinstall enable_postinstall
enable_zlib enable_zlib
enable_env_reset enable_env_reset
@ -1737,6 +1738,7 @@ Optional Features:
Set $HOME to target user in shell mode Set $HOME to target user in shell mode
--disable-path-info Print 'command not allowed' not 'command not found' --disable-path-info Print 'command not allowed' not 'command not found'
--enable-env-debug Whether to enable environment debugging. --enable-env-debug Whether to enable environment debugging.
--disable-ignore-dot allow '.' and "" in the PATH
--enable-postinstall Script to run after the install phase --enable-postinstall Script to run after the install phase
--enable-zlib[=PATH] Whether to enable or disable zlib --enable-zlib[=PATH] Whether to enable or disable zlib
--enable-env-reset Whether to enable environment resetting by default. --enable-env-reset Whether to enable environment resetting by default.
@ -1843,7 +1845,7 @@ Optional Packages:
--with-badpri syslog priority for failures (def is "alert") --with-badpri syslog priority for failures (def is "alert")
--with-logpath path to the sudo log file --with-logpath path to the sudo log file
--with-loglen maximum length of a log file line (default is 80) --with-loglen maximum length of a log file line (default is 80)
--with-ignore-dot ignore '.' in the PATH --with-ignore-dot deprecated, use --disable-ignore-dot
--without-mail-if-no-user --without-mail-if-no-user
do not send mail if user not in sudoers do not send mail if user not in sudoers
--with-mail-if-no-host send mail if user in sudoers but not for this host --with-mail-if-no-host send mail if user in sudoers but not for this host
@ -3715,7 +3717,7 @@ logfac=auth
goodpri=notice goodpri=notice
badpri=alert badpri=alert
loglen=80 loglen=80
ignore_dot=off ignore_dot=on
mail_no_user=on mail_no_user=on
mail_no_host=off mail_no_host=off
mail_no_perms=off mail_no_perms=off
@ -5310,9 +5312,7 @@ then :
yes) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: adding CSOps standard options" >&5 yes) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: adding CSOps standard options" >&5
printf "%s\n" "$as_me: adding CSOps standard options" >&6;} printf "%s\n" "$as_me: adding CSOps standard options" >&6;}
CHECKSIA=false CHECKSIA=false
with_ignore_dot=yes
insults=on insults=on
with_env_editor=yes
: ${mansectsu='8'} : ${mansectsu='8'}
: ${mansectform='5'} : ${mansectform='5'}
: ${mansectmisc='7'} : ${mansectmisc='7'}
@ -5664,16 +5664,7 @@ printf "%s\n" "#define MAXLOGFILELEN $loglen" >>confdefs.h
# Check whether --with-ignore-dot was given. # Check whether --with-ignore-dot was given.
if test ${with_ignore_dot+y} if test ${with_ignore_dot+y}
then : then :
withval=$with_ignore_dot; case $with_ignore_dot in withval=$with_ignore_dot; enable_ignore_dot="$with_ignore_dot"
yes) ignore_dot=on
printf "%s\n" "#define IGNORE_DOT_PATH 1" >>confdefs.h
;;
no) ignore_dot=off
;;
*) as_fn_error $? "--with-ignore-dot does not take an argument." "$LINENO" 5
;;
esac
fi fi
@ -6635,6 +6626,24 @@ printf "%s\n" "$as_me: WARNING: ignoring unknown argument to --enable-env-debug:
fi fi
# Check whether --enable-ignore-dot was given.
if test ${enable_ignore_dot+y}
then :
enableval=$enable_ignore_dot; case "$enableval" in
yes) ignore_dot=on
;;
no) ignore_dot=off
printf "%s\n" "#define ALLOW_DOT_PATH 1" >>confdefs.h
;;
*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ignoring unknown argument to --enable-ignore-dot: $enableval" >&5
printf "%s\n" "$as_me: WARNING: ignoring unknown argument to --enable-ignore-dot: $enableval" >&2;}
;;
esac
fi
# Check whether --enable-postinstall was given. # Check whether --enable-postinstall was given.
if test ${enable_postinstall+y} if test ${enable_postinstall+y}
then : then :
@ -6842,8 +6851,8 @@ then :
no) printf "%s\n" "#define NO_LEAKS 1" >>confdefs.h no) printf "%s\n" "#define NO_LEAKS 1" >>confdefs.h
;; ;;
*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ignoring unknown argument to --disable-leaks: $enableval" >&5 *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ignoring unknown argument to --enable-leaks: $enableval" >&5
printf "%s\n" "$as_me: WARNING: ignoring unknown argument to --disable-leaks: $enableval" >&2;} printf "%s\n" "$as_me: WARNING: ignoring unknown argument to --enable-leaks: $enableval" >&2;}
;; ;;
esac esac

32
configure.ac
View File

@ -205,7 +205,7 @@ logfac=auth
goodpri=notice goodpri=notice
badpri=alert badpri=alert
loglen=80 loglen=80
ignore_dot=off ignore_dot=on
mail_no_user=on mail_no_user=on
mail_no_host=off mail_no_host=off
mail_no_perms=off mail_no_perms=off
@ -444,9 +444,7 @@ AC_ARG_WITH(csops, [AS_HELP_STRING([--with-csops], [add CSOps standard options])
[case $with_csops in [case $with_csops in
yes) AC_MSG_NOTICE([adding CSOps standard options]) yes) AC_MSG_NOTICE([adding CSOps standard options])
CHECKSIA=false CHECKSIA=false
with_ignore_dot=yes
insults=on insults=on
with_env_editor=yes
: ${mansectsu='8'} : ${mansectsu='8'}
: ${mansectform='5'} : ${mansectform='5'}
: ${mansectmisc='7'} : ${mansectmisc='7'}
@ -665,16 +663,7 @@ AC_ARG_WITH(loglen, [AS_HELP_STRING([--with-loglen], [maximum length of a log fi
esac]) esac])
AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).]) AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
AC_ARG_WITH(ignore-dot, [AS_HELP_STRING([--with-ignore-dot], [ignore '.' in the PATH])], AC_ARG_WITH(ignore-dot, [AS_HELP_STRING([--with-ignore-dot], [deprecated, use --disable-ignore-dot])], [enable_ignore_dot="$with_ignore_dot"])
[case $with_ignore_dot in
yes) ignore_dot=on
AC_DEFINE(IGNORE_DOT_PATH)
;;
no) ignore_dot=off
;;
*) AC_MSG_ERROR([--with-ignore-dot does not take an argument.])
;;
esac])
AC_ARG_WITH(mail-if-no-user, [AS_HELP_STRING([--without-mail-if-no-user], [do not send mail if user not in sudoers])], AC_ARG_WITH(mail-if-no-user, [AS_HELP_STRING([--without-mail-if-no-user], [do not send mail if user not in sudoers])],
[case $with_mail_if_no_user in [case $with_mail_if_no_user in
@ -1279,6 +1268,19 @@ AC_ARG_ENABLE(env_debug,
esac esac
]) ])
AC_ARG_ENABLE(ignore-dot,
[AS_HELP_STRING([--disable-ignore-dot], [allow '.' and "" in the PATH])],
[ case "$enableval" in
yes) ignore_dot=on
;;
no) ignore_dot=off
AC_DEFINE(ALLOW_DOT_PATH)
;;
*) AC_MSG_WARN([ignoring unknown argument to --enable-ignore-dot: $enableval])
;;
esac
])
AC_ARG_ENABLE(postinstall, AC_ARG_ENABLE(postinstall,
[AS_HELP_STRING([--enable-postinstall], [Script to run after the install phase])], [AS_HELP_STRING([--enable-postinstall], [Script to run after the install phase])],
[ case "$enableval" in [ case "$enableval" in
@ -1384,7 +1386,7 @@ AC_ARG_ENABLE(leaks,
yes) ;; yes) ;;
no) AC_DEFINE(NO_LEAKS) no) AC_DEFINE(NO_LEAKS)
;; ;;
*) AC_MSG_WARN([ignoring unknown argument to --disable-leaks: $enableval]) *) AC_MSG_WARN([ignoring unknown argument to --enable-leaks: $enableval])
;; ;;
esac esac
]) ])
@ -4759,7 +4761,7 @@ AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimes
AH_TEMPLATE(HAVE_ST_NMTIME, [Define to 1 if your struct stat has an st_nmtime member.]) AH_TEMPLATE(HAVE_ST_NMTIME, [Define to 1 if your struct stat has an st_nmtime member.])
AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.]) AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.]) AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements.]) AH_TEMPLATE(ALLOW_DOT_PATH, [Define to 1 if you want sudo to honor '.' and "" in the PATH.])
AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.]) AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.]) AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.]) AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])

2
plugins/sudoers/defaults.c
View File

@ -483,7 +483,7 @@ init_defaults(void)
#ifdef LONG_OTP_PROMPT #ifdef LONG_OTP_PROMPT
def_long_otp_prompt = true; def_long_otp_prompt = true;
#endif #endif
#ifdef IGNORE_DOT_PATH #ifndef ALLOW_DOT_PATH
def_ignore_dot = true; def_ignore_dot = true;
#endif #endif
#ifdef ALWAYS_SEND_MAIL #ifdef ALWAYS_SEND_MAIL