Mark code that escapes/unescapes "sudo -s cmd args..." for removal.

A future version of the plugin API will defer any such escaping
to the policy plugin so it can be configurable.

plugins/sudoers/strlcpy_unesc.c

@@ -29,6 +29,9 @@
 
 #include "sudoers.h"
 
+/*
+ * Like strlcpy() but collapses non-space chars escaped with a backslash.
+ */
 size_t
 strlcpy_unescape(char *dst, const char *src, size_t size)
 {

plugins/sudoers/sudoers.c

@@ -1047,6 +1047,7 @@ set_cmnd(void)
 		 * When running a command via a shell, the sudo front-end
 		 * escapes potential meta chars.  We unescape non-spaces
 		 * for sudoers matching and logging purposes.
+		 * TODO: move escaping to the policy plugin instead
 		 */
 		user_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape);
 	    } else {

src/parse_args.c

@@ -606,6 +606,7 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
 
     /*
      * For shell mode we need to rewrite argv
+     * TODO: move this to the policy plugin and make escaping configurable
      */
     if (ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL) && ISSET(mode, MODE_RUN)) {
 	char **av, *cmnd = NULL;