From 46e856500b37e7c91636c4b8c5a2dc9a014dc689 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 28 Jul 1999 09:24:45 +0000 Subject: [PATCH] updates --- CHANGES | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/CHANGES b/CHANGES index 337f125e0..6bfae92d5 100644 --- a/CHANGES +++ b/CHANGES @@ -1076,24 +1076,28 @@ Sudo 1.5.9 released. the program. We don't want the user to be able to simply kill us and avoid logging. -338) Rewrote timestamp handling. Tty-based stamps are now sane and are of - the form /var/run/sudo/username/tty. This means you only get the - lecture once, not once per tty. The meaning of -k has changed to - mean "invalidate the timestamp". There is a new -K option to really - remove the file. +338) Rewrote timestamp handling. For the default case, a directory is used + instead of a file. For the tty-based case, the timestamp is just a + file in that directory (eg. /var/run/sudo/username/tty). You now only + get the lecture once, even in the tty case. The goal here is to allow + the tty and non-tty schemes to coexist, though it is worth noting that + when you update a tty file, the mtime of the dir gets updated too. -339) New modular authentication API. This fixes the nest of #ifdefs that +339) The meaning of -k has changed to mean "invalidate the timestamp". + There is a new -K option to really remove the timestamp file/dir. + +340) New modular authentication API. This fixes the nest of #ifdefs that was the old auth code. -340) New logging functions. log_error() now takes a variable number of +341) New logging functions. log_error() now takes a variable number of args ala printf() and log_auth() reacts to the return value of validate(). -341) If a user is not in the sudoers file they are still asked for a password. +342) If a user is not in the sudoers file they are still asked for a password. This keeps someone who finds a user logged in to a terminal from being able to tell whether or not the user is allowed to use sudo. -342) New PAM code again, this time it should be correct. +343) New PAM code again, this time it should be correct. -343) tgetpass() now has a flag to specify whether or not to turn +344) tgetpass() now has a flag to specify whether or not to turn off echo while reading the password. Used by the new PAM and fwtk code. -- 2.40.0