From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 14 Jun 1999 23:47:56 +0000 (+0000)
Subject: mention why DONT_LEAK_PATH_INFO is not the default
X-Git-Tag: SUDO_1_6_0~271
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b3cd9b1f96c8d2113905a143bcfc24f6ad5e4050;p=sudo

mention why DONT_LEAK_PATH_INFO is not the default
---

diff --git a/sudo.c b/sudo.c
index 3a2c9cc52..72b6e164e 100644
--- a/sudo.c
+++ b/sudo.c
@@ -360,6 +360,13 @@ main(argc, argv)
 	    check_user();
 
 	case VALIDATE_NOT_OK_NOPASS:
+	    /*
+	     * We'd like to not leak path info at all here, but that can
+	     * *really* confuse the users.  To really close the leak we'd
+	     * have to say "not allowed to run foo" even when the problem
+	     * is just "no foo in path" since the user can trivially set
+	     * their path to just contain a single dir.
+	     */
 #ifndef DONT_LEAK_PATH_INFO
 	    log_error(rtn);
 	    if (cmnd_status == NOT_FOUND_DOT)