On Tue, 30 Aug 2011 13:46:54 -0600, Bob Proulx <b...@proulx.com> wrote: > Alternatively the sudo package could include a new conffile file in > the package /etc/sudoers.d/00-secure_path or some such that includes > the new secure_path setting. Being a new file it would be installed > by default without dialog and become available.
The problem with this idea is that the include directive was only recently added to the default Debian sudoers file, and so many systems with customized sudoers files might remain broken. The solution I'd like best but haven't made time to try and work out yet is for the binary to have a default secure_path, but still allow secure_path to be overridden in the sudoers file. I'm about to head out the door for a week in which I'm unlikely to have time to work on this, so if you or anyone else want to figure out if some combination of existing configure arguments or a simple patch might allow this to be implemented, that'd be great! Oh, and thanks for the proposed NEWS entry text, I agree that given the reaction to this change so far, some notice is warranted, and will plan to merge this or something like it for the next upload. Bdale
pgpFb0FN019n9.pgp
Description: PGP signature
