On Thu, 25 Aug 2011 22:01:47 +0000, Thorsten Glaser <t...@mirbsd.de> wrote:
> Package: sudo
> Version: 1.8.2-1
> Severity: normal
> 
> Apparently, there's a new directive in the default sudoers now:
> | Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> 
> Without it, "sudo visudo" will fail. When asking Y to let dpkg
> overwrite the existing conffile on the system, people might lose
> root access to the entire machine. (No, I said N and manually
> ran "sudo /usr/sbin/visudo", then merged it.)

Right, I resolved multiple long-standing bugs regarding the previous
approach of hard-coding the secure path at compile time by moving the
definition to sudoers.  That's a feature, not a bug, but it's certainly
true that any time sudoers is updated there's a chance the admin will
have trouble.

> Like when env_reset became default (one of the first things I
> remove), this changes the default behaviour in an unsafe way,
> and as such should not (IMHO) be forced on the user on upgrade,
> i.e. upgrading existing systems should keep the older behaviour
> (while warning about it, probably).

Nothing is "forced on the user", the conffile handling is doing exactly
what is expected.  If the admin chooses to not accept the update, the
worst that happens is they have to fully qualify command paths until
they've patched up sudoers.

> Also, visudo now asks
> | press return to edit /etc/sudoers.d/README:
> which, while cosmetic, will lead to much frustration and some
> confusion among the sysadmins.

I don't see that.  What command causes you to get that message?

Bdale
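
A check an admin can run on both versions of the conffile discussed in this thread, as an added example that is not part of the original messages or of sudo itself: it reads a plain `Defaults secure_path=` line from a sudoers file and reports whether a bare command name such as `visudo` would resolve. The function names, the simplified parsing (global `Defaults` line only, last one taken) and the fallback to the caller's PATH when `secure_path` is unset are assumptions of this example; the files and directory tree are constructed.

```shell
#!/bin/sh
# Print the secure_path value from a sudoers-style file, or nothing if unset.
# Simplification (assumption): only a global "Defaults secure_path=..." line
# is recognised; the last such line in the file is used.
get_secure_path() {
    sed -n 's/^[[:space:]]*Defaults[[:space:]][[:space:]]*secure_path[[:space:]]*=[[:space:]]*"\{0,1\}\([^"]*\)"\{0,1\}[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# Search a colon-separated directory list for an executable file.
resolve_in() {
    cmd=$1; pathlist=$2
    old_ifs=$IFS; IFS=:
    for dir in $pathlist; do
        if [ -x "$dir/$cmd" ] && [ ! -d "$dir/$cmd" ]; then
            IFS=$old_ifs; printf '%s\n' "$dir/$cmd"; return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# Args: sudoers file, invoking user's PATH, bare command name.
# Uses secure_path when the file sets it, otherwise the user's PATH.
sudo_would_find() {
    sp=$(get_secure_path "$1")
    resolve_in "$3" "${sp:-$2}"
}

# Constructed demo: visudo exists only in sbin, the user's PATH has only bin.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/usr/sbin" "$demo_root/usr/bin"
printf '#!/bin/sh\n' > "$demo_root/usr/sbin/visudo"
chmod +x "$demo_root/usr/sbin/visudo"
printf 'Defaults\tenv_reset\n' > "$demo_root/sudoers.old"
printf 'Defaults\tenv_reset\nDefaults\tsecure_path="%s/usr/sbin:%s/usr/bin"\n' \
    "$demo_root" "$demo_root" > "$demo_root/sudoers.new"
for f in sudoers.old sudoers.new; do
    if found=$(sudo_would_find "$demo_root/$f" "$demo_root/usr/bin" visudo); then
        echo "$f: visudo -> $found"
    else
        echo "$f: visudo not found, command must be fully qualified"
    fi
done
rm -rf "$demo_root"
```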
