From b3cd9b1f96c8d2113905a143bcfc24f6ad5e4050 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 14 Jun 1999 23:47:56 +0000
Subject: [PATCH] mention why DONT_LEAK_PATH_INFO is not the default

---
 sudo.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/sudo.c b/sudo.c
index 3a2c9cc52..72b6e164e 100644
--- a/sudo.c
+++ b/sudo.c
@@ -360,6 +360,13 @@ main(argc, argv)
 	    check_user();
 
 	case VALIDATE_NOT_OK_NOPASS:
+	    /*
+	     * We'd like to not leak path info at all here, but that can
+	     * *really* confuse the users.  To really close the leak we'd
+	     * have to say "not allowed to run foo" even when the problem
+	     * is just "no foo in path" since the user can trivially set
+	     * their path to just contain a single dir.
+	     */
 #ifndef DONT_LEAK_PATH_INFO
 	    log_error(rtn);
 	    if (cmnd_status == NOT_FOUND_DOT)
-- 
2.50.1