https://github.com/google/sanitizers/wiki/AddressSanitizer
The following compiler flag is used: -fsanitize=address,undefined
+ This option should only be used for testing and not in a
+ production environment. Due to AddressSanitizer's unchecked
+ use of environment variables, it is trivial to exploit a
+ setuid root executable such as sudo.
+
--enable-pie
Build sudo and related programs as as a position independent
executables (PIE). This improves the effectiveness of address
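Review bot: The added warning at the end of the sanitizer entry names only AddressSanitizer, while the flag line just above it enables two sanitizers (-fsanitize=address,undefined). Word the first sentence so it is clear the whole option is test-only, otherwise a reader may conclude the undefined-behaviour half is fine to ship. It would also help to state the concrete condition directly, for example that a binary built with this option should not be installed setuid root, since that is the case the last sentence is warning about. Minor and unrelated to the added lines: the --enable-pie context below reads "as as a position independent executables", which has a doubled word and a singular/plural mismatch worth fixing in a follow-up.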