o Document -K flag and update meaning of -k flag.
o BSD-style copyright
o Document clearing of BIND resolver environment variables
o Clarify bit about shared libs
o suggest rc files create /tmp/.odus if your OS gives away files
sudo.pod
@@ -8,7 +8,7 @@ sudo - execute a command as the superuser
|
|||||||
|
|
||||||
=head1 SYNOPSIS
|
=head1 SYNOPSIS
|
||||||
|
|
||||||
B<sudo> B<-V> | B<-h> | B<-l> | B<-v> | B<-k> | B<-s> | B<-H> |
|
B<sudo> B<-V> | B<-h> | B<-l> | B<-v> | B<-k> | B<-K> | B<-s> | B<-H> |
|
||||||
[ B<-b> ] | [ B<-r> realm ] | [ B<-p> prompt ] [ B<-u> username/#uid] I<command>
|
[ B<-b> ] | [ B<-r> realm ] | [ B<-p> prompt ] [ B<-u> username/#uid] I<command>
|
||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
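Review bot: the B<-K> added to the first synopsis line is consistent with the new C<=item -K> entry in the DESCRIPTION hunk below. Since the synopsis is being touched anyway, the second line still joins the bracketed flags with bars, `[ B<-b> ] | [ B<-r> realm ] | [ B<-p> prompt ]`, which reads as if -b, -r and -p were mutually exclusive like the single-letter actions on the first line; each is independently optional, so the bars between the bracketed items should go.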
@@ -61,10 +61,16 @@ minutes) but does not run a command.
|
|||||||
|
|
||||||
=item -k
|
=item -k
|
||||||
|
|
||||||
The C<-k> (I<kill>) option to B<sudo> removes the user's timestamp
|
The C<-k> (I<kill>) option to B<sudo> invalidates the user's timestamp
|
||||||
file, thus requiring the user's password the next time B<sudo> is run.
|
file by setting the time on it to the epoch. The next time B<sudo> is
|
||||||
This option does not require a password and was added to
|
run a password will be required. This option does not require a password
|
||||||
allow a user to revoke B<sudo> permissions from a .logout file.
|
and was added to allow a user to revoke B<sudo> permissions from a .logout
|
||||||
|
file.
|
||||||
|
|
||||||
|
=item -K
|
||||||
|
|
||||||
|
The C<-K> (sure I<kill>) option to B<sudo> removes the user's timestamp
|
||||||
|
file entirely. This option does not require a password.
|
||||||
|
|
||||||
=item -b
|
=item -b
|
||||||
|
|
||||||
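Review bot: the two entries now describe different mechanisms (-k "invalidates the user's timestamp file by setting the time on it to the epoch", -K "removes the user's timestamp file entirely") without saying why a user would pick one over the other; the -k text keeps the .logout rationale, the -K text has none. Add a sentence to the -K entry stating when removing the file is preferable to resetting it, and why -k was changed to keep the file rather than unlink it, so the reader knows which flag belongs in a .logout file. Minor: "(sure I<kill>)" is the only place the name is explained; consider "(sure kill)" in plain text to match how "(I<kill>)" is set for -k.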
@@ -134,8 +140,8 @@ to subvert the program that B<sudo> runs. To combat this the
|
|||||||
C<LD_*>, C<_RLD_*>, C<SHLIB_PATH> (HP-UX only), and C<LIBPATH> (AIX
|
C<LD_*>, C<_RLD_*>, C<SHLIB_PATH> (HP-UX only), and C<LIBPATH> (AIX
|
||||||
only) environment variables are removed from the environment passed
|
only) environment variables are removed from the environment passed
|
||||||
on to all commands executed. B<sudo> will also remove the C<IFS>,
|
on to all commands executed. B<sudo> will also remove the C<IFS>,
|
||||||
C<ENV>, C<BASH_ENV>, C<KRB_CONF> and C<KRB5_CONFIG> variables as
|
C<ENV>, C<BASH_ENV>, C<KRB_CONF>, C<KRB5_CONFIG>, C<LOCALDOMAIN>,
|
||||||
they too can pose a threat.
|
C<RES_OPTIONS> and C<HOSTALIASES> variables as they too can pose a threat.
|
||||||
|
|
||||||
To prevent command spoofing, B<sudo> checks "." and "" (both denoting
|
To prevent command spoofing, B<sudo> checks "." and "" (both denoting
|
||||||
current directory) last when searching for a command in the user's
|
current directory) last when searching for a command in the user's
|
||||||
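Review bot: the text documents C<LOCALDOMAIN>, C<RES_OPTIONS> and C<HOSTALIASES> only as variables "removed from the environment passed on to all commands executed", but these three steer the resolver used by the calling process as well, not just by the child. If B<sudo> performs any hostname lookups of its own before it sanitizes the environment, C<HOSTALIASES> in particular would influence those lookups; the paragraph should say at what point the variables are cleared (before B<sudo> resolves anything, or only at exec time) so an administrator can judge whether the resolver is protected for B<sudo> itself.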
@@ -143,10 +149,10 @@ PATH (if one or both are in the PATH). Note, however, that the
|
|||||||
actual PATH environment variable is I<not> modified and is passed
|
actual PATH environment variable is I<not> modified and is passed
|
||||||
unchanged to the program that B<sudo> executes.
|
unchanged to the program that B<sudo> executes.
|
||||||
|
|
||||||
For security reasons, if your OS supports shared libraries, B<sudo>
|
For security reasons, if your OS supports shared libraries and does
|
||||||
should always be statically linked unless the dynamic loader disables
|
not disable user-defined library search paths for setuid programs
|
||||||
user-defined library search paths for setuid programs. (Most modern
|
(most do), you should either use a linker option that disables this
|
||||||
dynamic loaders do this.)
|
behavior or link B<sudo> statically.
|
||||||
|
|
||||||
B<sudo> will check the ownership of its timestamp directory
|
B<sudo> will check the ownership of its timestamp directory
|
||||||
(F</var/run/sudo> or F</tmp/.odus> by default) and ignore the
|
(F</var/run/sudo> or F</tmp/.odus> by default) and ignore the
|
||||||
@@ -162,13 +168,14 @@ since once the timestamp dir is owned by root and inaccessible by
|
|||||||
any other user the user placing files there would be unable to get
|
any other user the user placing files there would be unable to get
|
||||||
them back out. To get around this issue you can use a directory
|
them back out. To get around this issue you can use a directory
|
||||||
that is not world-writable for the timestamps (F</var/adm/sudo> for
|
that is not world-writable for the timestamps (F</var/adm/sudo> for
|
||||||
instance).
|
instance) or create /tmp/.odus with the appropriate owner (root) and
|
||||||
|
permissions (0700) in the system startup files.
|
||||||
|
|
||||||
C<sudo> will not honor timestamp files set far in the future.
|
C<sudo> will not honor timestamp files set far in the future.
|
||||||
Timestamp files with a date greater than current_time + 2 * C<TIMEOUT>
|
Timestamp files with a date greater than current_time + 2 * C<TIMEOUT>
|
||||||
will be ignored and sudo complain about a "preposterous stampfile
|
will be ignored and sudo will log and complain. This is done to
|
||||||
date". This is done to keep a user from creating his/her own
|
keep a user from creating his/her own timestamp file with a bogus
|
||||||
timestamp file with a bogus date.
|
date on system that allow users to give away files.
|
||||||
|
|
||||||
=head1 FILES
|
=head1 FILES
|
||||||
|
|
||||||
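Review bot: the new advice to "create /tmp/.odus with the appropriate owner (root) and permissions (0700) in the system startup files" only works if F</tmp/.odus> does not already exist when the startup file runs; on systems that do not clear F</tmp> at boot a user-owned F</tmp/.odus> left from before the reboot would make the mkdir fail and the user-owned directory would survive, which is the very situation the paragraph is guarding against. Recommend stating that the startup file must remove (or verify the ownership of) any existing F</tmp/.odus> before creating it. Two smaller points in the same hunk: "on system that allow users to give away files" should read "on systems that allow"; and replacing the literal message with "sudo will log and complain" drops the "preposterous stampfile date" string that administrators can grep for in syslog, so keep the message text. In the shared-library paragraph, "(most do)" after "does not disable user-defined library search paths for setuid programs" is ambiguous (most OSes do disable them, or most do not?); say explicitly "most modern dynamic loaders disable them" as the old text did.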
@@ -194,12 +201,11 @@ timestamp file with a bogus date.
|
|||||||
Many people have worked on B<sudo> over the years, this
|
Many people have worked on B<sudo> over the years, this
|
||||||
version consists of code written primarily by:
|
version consists of code written primarily by:
|
||||||
|
|
||||||
Jeff Nieusma
|
|
||||||
David Hieb
|
|
||||||
Todd Miller
|
Todd Miller
|
||||||
Chris Jepeway
|
Chris Jepeway
|
||||||
|
|
||||||
See the HISTORY file in the B<sudo> distribution for more details.
|
See the HISTORY file in the B<sudo> distribution for a short history
|
||||||
|
of B<sudo>.
|
||||||
|
|
||||||
Please send all bugs, comments, and changes to sudo-bugs@courtesan.com.
|
Please send all bugs, comments, and changes to sudo-bugs@courtesan.com.
|
||||||
|
|
||||||
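Review bot: Jeff Nieusma and David Hieb are dropped from the "code written primarily by" list, but the commit message ("BSD-style copyright") does not mention removing authors, and nothing in the hunk explains it. If their code is no longer in this version, say so in the HISTORY file the paragraph points to; if it is, the names should stay, since a credits list in a manual page is the attribution a BSD-style license expects to be preserved.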
@@ -207,12 +213,8 @@ Please send all bugs, comments, and changes to sudo-bugs@courtesan.com.
|
|||||||
|
|
||||||
This program is distributed in the hope that it will be useful, but
|
This program is distributed in the hope that it will be useful, but
|
||||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the LICENSE
|
||||||
General Public License for more details.
|
file distributed with sudo for more details.
|
||||||
|
|
||||||
You should have received a copy of the GNU General Public License along
|
|
||||||
with this program; if not, write to the Free Software Foundation, Inc.,
|
|
||||||
675 Mass Ave, Cambridge, MA 02139, USA.
|
|
||||||
|
|
||||||
=head1 CAVEATS
|
=head1 CAVEATS
|
||||||
|
|
||||||
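Review bot: the hunk swaps the pointer from the "GNU General Public License" to "the LICENSE file distributed with sudo" but keeps the sentence "This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE", which is GPL boilerplate. Under the BSD-style license the commit message names, the manual page should reproduce (or at least paraphrase) the disclaimer wording from that LICENSE file and name the license, so the page and the license file do not give two different warranty statements.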