January 15, 2002

Sudo version 1.6.4 now available

Author: JT Smith

"[T]his release does fix the majority of problems in the sudo bugs database and adds features a number of people have asked for. I hope to make more frequent releases in the near future (it has been quite a while since 1.6.3 was originally released)."
 Date: Mon, 14 Jan 2002 07:44:02 -0700
 From: Todd C. Miller 
 To: sudo-announce@courtesan.com
 Subject: Sudo version 1.6.4 now available
 
 Sudo version 1.6.4 is now available (ftp sites listed at the end).
 
 There are some thing I had promised for the next release that are
 not in 1.6.4 due to the large changes in the parser that these
 changes require to work properly.  Nonetheless this release does
 fix the majority of problems in the sudo bugs database and adds
 features a number of people have asked for.  I hope to make more
 frequent releases in the near future (it has been quite a while
 since 1.6.3 was originally released).
 
  - todd
 
 Major changes since 1.6.3p7:
 
  o Visudo now checks for the existence of an editor and gives a sensible
    error if it does not exist.
 
  o The path to the editor for visudo is now a colon-separated list of
    allowable editors.  If the user has $EDITOR set and it matches
    one of the allowed editors that editor will be used.  If not,
    the first editor that actually exists is used.
 
  o Allow special characters (including '#') to be embedded in pathnames
    if quoted by a '\\'.  The quoted chars will be dealt with by fnmatch().
    Unfortunately, 'sudo -l' still prints the '\\'.
 
  o Added the always_set_home option.
 
  o Strip NLSPATH and PATH_LOCALE out from the environment to prevent
    reading of protected files by a less privileged user.
 
  o Added support for BSD authentication and associated -a flag.
 
  o Added stay_setuid option for systems that have libraries that perform
    extra paranoia checks in system libraries for setuid programs.
 
  o Environment munging is now done by hand.  The environment is zeroed
    upon sudo startup and a new environment is built before the command
    is executed.  This means we don't rely on getenv(3), putenv(3),
    or setenv(3).
 
  o Added a class of environment variables that are only cleared if they
    contain '/' or '%' characters.
 
  o Use stashed user_gid when checking against exempt gid since sudo
    sets its gid to SUDOERS_GID, making getgid() return that, not the
    real gid.  Fixes problem with setting exempt group == SUDOERS_GID.
 
  o Regenerated configure script with autoconf-2.52 (required some
    tweaking of configure.in and friends).
 
  o Added mail_badpass option to send mail when the user does not
    authenticate successfully.
 
  o Added env_reset Defaults option to reset the environment to
    a clean slate.  Also implemented env_keep Defaults option
    to specify variables to be preserved when resetting the
    environment.
 
  o Added env_check and env_delete Defaults options to allow the admin
    to modify the builtin list of environment variables to remove.
 
  o If timestamp_timeout  (Los Angeles, California, USA)
     http://mirage.informationwave.net/sudo/ (Fanwood, New Jersey, USA)
     http://www.c0r3dump.com/sudo/ (Edmonton, Canada)
     http://sudo.cdu.elektra.ru/ (Russia)
 
 Master FTP sites:
     ftp.sudo.ws:/pub/sudo/
     ftp.cs.colorado.edu:/pub/sudo/
 
 FTP Mirrors:
     ftp.cs.colorado.edu:/pub/sudo/ (Boulder, Colorado, USA)
     ftp.stikman.com:/pub/sudo/ (Los Angeles, California, USA)
     ftp.uu.net:/pub/security/sudo/ (Falls Church, Virginia, USA)
     ftp.tux.org:/pub/security/sudo/ (Beltsville, Maryland, USA)
     coast.cs.purdue.edu:/pub/tools/unix/sysutils/sudo/ (West Lafayette, Indiana, USA)
     ftp.uwsg.indiana.edu:/pub/sudo/ (Bloomington, Indiana, USA)
     sudobash.com:/pub/sudo/ (Ypsilanti, Michigan, USA)
     ftp.tamu.edu:/pub/mirrors/ftp.courtesan.com/ (College Station, Texas, USA)
     ftp.rge.com:/pub/admin/sudo/ (Rochester, New York, USA)
     mirage.informationwave.net:/sudo/ (Fanwood, New Jersey, USA)
     ftp.wiretapped.net:/pub/security/host-security/sudo/ (Australia)
     ftp.tuwien.ac.at:/utils/admin-tools/sudo/ (Austria)
     sunsite.ualberta.ca:/pub/Mirror/sudo/ (Alberta, Canada)
     ftp.csc.cuhk.edu.hk:/pub/packages/unix-tools/sudo/ (Hong Kong, China)
     ftp.eunet.cz:/pub/security/sudo/ (Czechoslovakia)
     ftp.umds.ac.uk:/pub/sudo/ (Great Britain)
     ftp.tvi.tut.fi:/pub/security/unix/sudo/ (Finland)
     ftp.lps.ens.fr:/pub/software/sudo/ (France)
     ftp.crihan.fr:/pub/security/sudo/ (France)
     ftp.rz.uni-osnabrueck.de:/pub/unix/security/sudo/ (Germany)
     ftp.win.ne.jp:/pub/misc/sudo/ (Japan)
     ftp.st.ryukoku.ac.jp:/pub/security/tool/sudo/ (Japan)
     ftp.eos.hokudai.ac.jp:/pub/misc/sudo/ (Japan)
     ftp.tokyonet.ad.jp:/pub/security/sudo/ (Japan)
     ftp.kobe-u.ac.jp:/pub/util/security/tool/sudo/ (Japan)
     ftp.cin.nihon-u.ac.jp:/pub/util/sudo/ (Japan)
     ftp.fujitsu.co.jp:/pub/misc/sudo/ (Japan)
     core.ring.gr.jp:/pub/misc/sudo/ (Japan)
     ftp.ring.gr.jp:/pub/misc/sudo/ (Japan)
     ftp.ayamura.org:/pub/sudo/ (Japan)
     ftp.iphil.net:/pub/sudo/ (Makati City, Philippines)
     ftp.icm.edu.pl:/vol/wojsyl5/sudo/ (Poland)
     ftp.assist.ro:/pub/mirrors/ftp.courtesan.com/pub/sudo/ (Romania)
     ftp.sai.msu.su:/pub/unix/security/ (Russia)
     ftp.cdu.elektra.ru:/pub/unix/security/sudo/ (Russia)
     ftp.mc.hik.se:/pub/unix/security/sudo/ (Sweden)
     ftp.sekure.net:/pub/sudo/ (Sweden)
     ftp.edu.tw:/UNIX/sudo/ (Taiwan)
     ftp.comu.edu.tr:/pub/linux/prog/sudo/ (Turkey)
 ____________________________________________________________
 sudo-announce mailing list 
For list information, options, or to unsubscribe, visit:
 http://www.sudo.ws/mailman/listinfo/sudo-announce
 

Category:

  • Linux
Click Here!