existing parser.
}, {
"runas_default", T_STR,
"Default user to run commands as: %s"
- }, {
- "secure_path", T_STR|T_BOOL,
- "Value to override user's $PATH with: %s"
}, {
"editor", T_STR|T_PATH,
"Path to the editor for use by visudo: %s"
#define I_EXEMPT_GROUP 46
#define I_PASSPROMPT 47
#define I_RUNAS_DEFAULT 48
-#define I_SECURE_PATH 49
-#define I_EDITOR 50
-#define I_ENV_CHECK 51
-#define I_ENV_DELETE 52
-#define I_ENV_KEEP 53
-#define I_LISTPW_I 54
-#define I_VERIFYPW_I 55
-#define I_LISTPW 56
-#define I_VERIFYPW 57
+#define I_EDITOR 49
+#define I_ENV_CHECK 50
+#define I_ENV_DELETE 51
+#define I_ENV_KEEP 52
+#define I_LISTPW_I 53
+#define I_VERIFYPW_I 54
+#define I_LISTPW 55
+#define I_VERIFYPW 56
runas_default
T_STR
"Default user to run commands as: %s"
-secure_path
- T_STR|T_BOOL
- "Value to override user's $PATH with: %s"
editor
T_STR|T_PATH
"Path to the editor for use by visudo: %s"
#endif
#ifdef EXEMPTGROUP
def_str(I_EXEMPT_GROUP) = estrdup(EXEMPTGROUP);
-#endif
-#ifdef SECURE_PATH
- def_str(I_SECURE_PATH) = estrdup(SECURE_PATH);
#endif
def_str(I_EDITOR) = estrdup(EDITOR);
* Access via 'nep' is not allowed (since we must check for dupes).
*/
+#ifdef SECURE_PATH
/* Replace the PATH envariable with a secure one. */
- if (def_str(I_SECURE_PATH))
- insert_env(newenvp, format_env("PATH", def_str(I_SECURE_PATH)));
+ insert_env(newenvp, format_env("PATH", SECURE_PATH));
+#endif
/* Set $HOME for `sudo -H'. Only valid at PERM_RUNAS. */
if ((sudo_mode & MODE_RESET_HOME) && runas_pw->pw_dir)
}
/* Use PATH passed in unless SECURE_PATH is in effect. */
- if (def_str(I_SECURE_PATH))
- path = def_str(I_SECURE_PATH);
- else if (path == NULL)
+#ifdef SECURE_PATH
+ if (!user_is_exempt())
+ path = SECURE_PATH;
+#endif /* SECURE_PATH */
+ if (path == NULL)
return(NOT_FOUND);
path = estrdup(path);
origpath = path;
/* Validate the user but don't search for pseudo-commands. */
validated = sudoers_lookup(pwflag);
- /* Exempt users aren't affected by secure paths. */
- if (user_is_exempt() && def_str(I_SECURE_PATH)) {
- free(def_str(I_SECURE_PATH));
- def_str(I_SECURE_PATH) = NULL;
- }
-
/*
* Look up runas user passwd struct. If we are given a uid then
* there may be no corresponding passwd(5) entry (which is OK).
=item env_reset
If set, B<sudo> will reset the environment to only contain the
-following variables: C<HOME>, C<SHELL>, C<LOGNAME>, and C<USER>
-(in addition to the C<SUDO_*> variables). The C<PATH> and C<TERM>
-environment variables are preserved unaltered. Other specific variables
-may be preserved with the i<env_keep> option.
+following variables: C<HOME>, C<LOGNAME>, C<PATH>, C<SHELL>, C<TERM>,
+and C<USER> (in addition to the C<SUDO_*> variables).
+Of these, only C<TERM> is copied unaltered from the old environment.
+The other variables are set to default values (possibly modified
+by the value of the I<set_logname> option). If B<sudo> was compiled
+with the C<SECURE_PATH> option, its value will be used for the C<PATH>
+environment variable.
+Other variables may be preserved with the i<env_keep> option.
=item use_loginclass
Users in this group are exempt from password and PATH requirements.
This is not set by default.
-=item secure_path
-
-Path used for every command run from B<sudo>. If you don't trust the
-people running B<sudo> to have a sane C<PATH> environment variable you may
-want to use this. Another use is if you want to have the "root path"
-be separate from the "user path." This is not set by default.
-
=item verifypw
This option controls when a password will be required when a user runs
projects / sudo / commitdiff