From: Todd C. Miller Date: Thu, 26 Aug 1999 09:19:00 +0000 (+0000) Subject: more things todo! X-Git-Tag: SUDO_1_6_0~94 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=21e6a9d16dd89621e398fb8507ea78d799bd2d44;p=sudo more things todo! --- diff --git a/TODO b/TODO index 2b5acd045..89a2855eb 100644 --- a/TODO +++ b/TODO @@ -1,9 +1,14 @@ -TODO list (most will be addressed in the next rewrite) +TODO list (most will be addressed in sudo 2.0) 01) Redo parsing to be more like op(8) with true command aliases where can specify uid, gid(s) and part/all of the environment. 02) Add default options to sudoers file (umask, def uid, def gids, dir, PATH). + Defaults = option1, option2, ... + Defaults@host = option1, option2, ... + Defaults!user = option1, option2, ... + Defaults%group = option1, option2, ... + Defaults+netgroup = option1, option2, ... 03) Add a SHELLS reserved word that checks against /etc/shells. @@ -24,10 +29,11 @@ TODO list (most will be addressed in the next rewrite) after doing the stat to guard against spoofing. This should avoid the race condition caused by going through namei() twice... -11) Overhaul testsudoers to use parse.o so we don't reimplement things. +11) Overhaul testsudoers to use things from parse.o so we don't reimplement + things. 12) Make runas_user a struct "runas" with user and group components. - (make uid and gid too???) + (maybe uid and gid too???) 13) Add -g group/gid option. @@ -35,6 +41,8 @@ TODO list (most will be addressed in the next rewrite) pete ALL=PASSWD [A-z]*,!PASSWD root where PASSWD was defined to be /usr/bin/passwd. This requires the arg parsing to happen in the yacc grammer. + At the very least, commands and args have to become separate + tokens in the lexer. 15) Add a per-tty restriction? Ie: only can run foo from /dev/console. @@ -45,9 +53,18 @@ TODO list (most will be addressed in the next rewrite) 18) An option to make "sudo -s" use the target user's shell might be nice (and more like su). -19) Sudo should have a separate error message for when the user is in sudoers - but not allowed to run stuff on that host, and send mail. +19) Use getrlimit() in preference to getconf()/getdtablesize(). -20) Use getrlimit() in preference to getconf() +20) Add configure option to enable old behavior of visudo (O_EXCL)? + --without-sudoers-lock? -21) Include a syslog.conf sample +21) Profile sudo again (is the yacc grammar optimal?) + +22) Zero out encrypted passwords after use. Use an Exit function or + some such (have to hook in to emalloc() and friends). + Hard (impossible?) to be thorough w/ atexit/on_exit. + +23) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified + user. + +24) Use strtol() and strtoul(), not atoi()?