Better description of secure_path.

The secure_path option affects the resolution of unqualified commands
as well as the environment that commands run with.

diff --git a/doc/sudoers.cat b/doc/sudoers.cat
index 88b5dbf90df76bed24029768f76d0ac90ddb3063..63aa104e08199427a7c1738e24c71512b627acdb 100644 (file)
--- a/doc/sudoers.cat
+++ b/doc/sudoers.cat
@@ -2080,13 +2080,15 @@ S\bSU\bUD\bDO\bOE\bER\bRS\bS O\bOP\bPT\bTI\bIO\bON\bNS\bS
                    either case, the contents of _\br_\be_\bs_\bt_\br_\bi_\bc_\bt_\be_\bd_\b__\be_\bn_\bv_\b__\bf_\bi_\bl_\be are
                    processed before the contents of _\be_\bn_\bv_\b__\bf_\bi_\bl_\be.
 
-     secure_path   Path used for every command run from s\bsu\bud\bdo\bo.  If you don't
-                   trust the people running s\bsu\bud\bdo\bo to have a sane PATH
-                   environment variable you may want to use this.  Another use
-                   is if you want to have the "root path" be separate from the
-                   "user path".  Users in the group specified by the
-                   _\be_\bx_\be_\bm_\bp_\bt_\b__\bg_\br_\bo_\bu_\bp option are not affected by _\bs_\be_\bc_\bu_\br_\be_\b__\bp_\ba_\bt_\bh.  This
-                   option is not set by default.
+     secure_path   If set, s\bsu\bud\bdo\bo will use this value in place of the user's
+                   PATH environment variable.  This option can be used to
+                   reset the PATH to a known good value that contains
+                   directories for system administrator commands such as
+                   _\b/_\bu_\bs_\br_\b/_\bs_\bb_\bi_\bn.
+
+                   Users in the group specified by the _\be_\bx_\be_\bm_\bp_\bt_\b__\bg_\br_\bo_\bu_\bp option are
+                   not affected by _\bs_\be_\bc_\bu_\br_\be_\b__\bp_\ba_\bt_\bh.  This option is not set by
+                   default.
 
      syslog        Syslog facility if syslog is being used for logging (negate
                    to disable syslog logging).  Defaults to auth.

diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in
index 8c5dd5f156d6bd89c9a95aef366b0792a719e654..dd677daa2e9944dd339267f3308f8db7243e0e95 100644 (file)
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -4159,18 +4159,17 @@ are processed before the contents of
 \fIenv_file\fR.
 .TP 14n
 secure_path
-Path used for every command run from
-\fBsudo\fR.
-If you don't trust the
-people running
+If set,
 \fBsudo\fR
-to have a sane
+will use this value in place of the user's
 \fRPATH\fR
-environment variable you may want to use this.
-Another use is if you want to have the
-\(lqroot path\(rq
-be separate from the
-\(lquser path\(rq.
+environment variable.
+This option can be used to reset the
+\fRPATH\fR
+to a known good value that contains directories for system administrator
+commands such as
+\fI/usr/sbin\fR.
+.sp
 Users in the group specified by the
 \fIexempt_group\fR
 option are not affected by

diff --git a/doc/sudoers.mdoc.in b/doc/sudoers.mdoc.in
index 5819c5e1781a39735ba7efceda261a5a14f0dcd2..60616f29bb7568b134142cf8db16cdee239a1121 100644 (file)
--- a/doc/sudoers.mdoc.in
+++ b/doc/sudoers.mdoc.in
@@ -3885,18 +3885,17 @@ In either case, the contents of
 are processed before the contents of
 .Em env_file .
 .It secure_path
-Path used for every command run from
-.Nm sudo .
-If you don't trust the
-people running
+If set,
 .Nm sudo
-to have a sane
+will use this value in place of the user's
 .Ev PATH
-environment variable you may want to use this.
-Another use is if you want to have the
-.Dq root path
-be separate from the
-.Dq user path .
+environment variable.
+This option can be used to reset the
+.Ev PATH
+to a known good value that contains directories for system administrator
+commands such as
+.Pa /usr/sbin .
+.Pp
 Users in the group specified by the
 .Em exempt_group
 option are not affected by