NOTE: SECURE_PATH is not applied to users in the EXEMPTGROUP.
This is off by default.
-NO_DOT_PATH
+IGNORE_DOT_PATH
If defined, sudo will ignore '.' or '' (current dir) in $PATH.
The $PATH itself is not modified.
This is off by default.
char *path = NULL; /* contents of PATH env var */
char *origpath; /* so we can free path later */
char *result = NULL; /* result of path/file lookup */
-#ifndef NO_DOT_PATH
+#ifndef IGNORE_DOT_PATH
int checkdot = 0; /* check current dir? */
-#endif /* NO_DOT_PATH */
+#endif /* IGNORE_DOT_PATH */
command[0] = '\0';
* things like using './' or './/'
*/
if (*path == '\0' || (*path == '.' && *(path + 1) == '\0')) {
-#ifndef NO_DOT_PATH
+#ifndef IGNORE_DOT_PATH
checkdot = 1;
-#endif /* NO_DOT_PATH */
+#endif /* IGNORE_DOT_PATH */
path = n + 1;
continue;
}
} while (n);
-#ifndef NO_DOT_PATH
+#ifndef IGNORE_DOT_PATH
/*
* check current dir if dot was in the PATH
*/
if (!result && checkdot)
result = sudo_goodpath(file);
-#endif /* NO_DOT_PATH */
+#endif /* IGNORE_DOT_PATH */
(void) free(origpath);
#define INCORRECT_PASSWORD "Sorry, try again." /* message for bad passwd */
#define MAILSUBJECT "*** SECURITY information ***" /* subject of mail sent */
#define PASSPROMPT "Password:" /* default password prompt */
-/*#define NO_DOT_PATH /* ignore '.' if in $PATH */
+/*#define IGNORE_DOT_PATH /* ignore '.' in $PATH if it exists */
/*#define SECURE_PATH "/bin:/usr/ucb:/usr/bin:/usr/etc:/etc" /* secure path */
/*#define USE_EXECV /* use execv() instead of execvp() */
/*#define SHELL_IF_NO_ARGS /* if sudo is given no arguments run a shell */
projects / sudo / commitdiff