isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,414 Commits 1 Branch 0 Tags
d18ee79354d8c9970a9d00689a41fde3b9eedd65
Commit Graph

32 Commits

Author SHA1 Message Date
Todd C. Miller
85fef8b50f Add sudoers option to perform authentication even in non-interative mode. 
If noninteractive_auth is set, authentication methods that do not
require input from the user's terminal may proceed.  It is off by
default, which restores the pre-1.9.9 behavior of "sudo -n".
 2022-02-01 20:08:26 -07:00
Todd C. Miller
9b93961b3e Add new log_passwords and passprompt_regex settings. 
When logging terminal input, if log_passwords is false and any
of the regular expressions in the passprompt_regex list are found
in the terminal output, terminal input will be replaced with '*'
characters until a newline or carriage return is found in the input
or an output character is received.
 2022-01-28 08:52:42 -07:00
Todd C. Miller
0efe280037 Add a new sudoers settings log_passwords and passprompt_regex. 
When logging terminal input, if log_passwords is disabled and any
of the regular expressions in the passprompt_regex list are found
in the terminal output, terminal input will be replaced with '*'
characters until a newline or carriage return is found in the input
or an output character is received.
 2022-01-28 08:52:41 -07:00
Todd C. Miller
be45d8fef4 "plain text" -> "plaintext" for consistency. 2022-01-27 12:43:19 -07:00
Todd C. Miller
5f45fd907b Document how commands are passed to the shell for the -i and -s options. 
The concatenation of command and arguments and escaping of special
characters was not documented.
Text adapted from GitHub issue #121 from Kris Rinzwind
 2022-01-20 14:05:00 -07:00
Todd C. Miller
805e1b9470 Also mention no_new_privs error in the troubleshooting guide. 2022-01-20 10:26:01 -07:00
Todd C. Miller
e4ee1a8502 Replace uid and gid with user-ID and group-ID in more places. 2022-01-20 10:08:34 -07:00
Todd C. Miller
9d79a0767c Use the Oxford comma consistently, it is helpful in technical documents. 2022-01-19 19:03:12 -07:00
Todd C. Miller
78e74c605e Document the error message when no_new_privs is set. 2022-01-19 18:53:03 -07:00
Todd C. Miller
17b7ac3460 Sudo now recovers from sudoers syntax errors. 2022-01-19 18:42:09 -07:00
Todd C. Miller
0d0e7de454 Use the Oxford comma consistently, it is helpful in technical documents. 2022-01-19 18:41:23 -07:00
Todd C. Miller
9a013b79b8 Mention https://www.sudo.ws/security/fuzzing/ in the fuzzing section. 2022-01-19 11:02:19 -07:00
Todd C. Miller
e88087721b Add support in the LDAP filter for negated users. 
Based on a diff from Simon Lees
 2022-01-18 11:20:22 -07:00
Todd C. Miller
48bc498a6f Add pam_askpass_service sudoers setting for "sudo -A". 
This makes it possible to use a different PAM configuration for
when "sudo -A" is used.  The main use case is to only use PAM modules
that can interact with the askpass program.  GitHub issue #112.
 2022-01-08 11:35:03 -07:00
Todd C. Miller
59d55c5308 LICENSE.md moved to the top-level src dir. 2022-01-03 10:26:15 -07:00
Todd C. Miller
e22cc72530 Back out changes to enable SELinux by default. 
This may return in a future release in a different form.
 2021-12-22 11:13:22 -07:00
Todd C. Miller
0ed92e6165 Move LICENSE.md out of docs and back to the top-level. 
GitHub expects it to be in the top-level directory.
 2021-12-22 11:05:00 -07:00
Todd C. Miller
991ef32508 Add group_file, match_local, and passwd_file to cvtsudoers.conf. 
Previously, these were only settable via command line options.
 2021-12-16 15:42:06 -07:00
Todd C. Miller
537f75dc74 Remove question about running Solaris 11 binaries on Solaris 10. 
Current versions of sudo use many APIs that are not present on
Solaris 10.  If you want a sudo Solaris 10 binary, build it on
Solaris 10, not 11.
 2021-12-12 18:57:17 -07:00
Todd C. Miller
e66e1ca383 In SECURITY NOTES, clarify that PATH may be overridden by the policy. 
Bug #1014
 2021-12-11 09:08:03 -07:00
Todd C. Miller
a2aa709707 Minor formatting tweak so we can import into the sudo web site. 2021-12-10 20:14:48 -07:00
Todd C. Miller
014339948c Surround email addresses with angle brackets, not square backets. 2021-12-09 18:51:37 -07:00
Todd C. Miller
d324a53065 Minor formatting tweaks. 2021-12-06 09:27:54 -07:00
Todd C. Miller
3bd572ba80 Convert README and docs files to markdown. 
This makes things look better on GitHub and we can use the
markdown version directly in the new sudo web site.
 2021-12-05 21:02:04 -07:00
Todd C. Miller
2c754a8d49 Policy -> Disclosure Policy 2021-12-04 16:29:49 -07:00
Todd C. Miller
003f9550f1 cvtsudoers: add -l option to log merge actions 
The "-l logfile" option can be used to store a log of what
actions cvtsudoers took when merging multiple files.
For example, which aliases were renamed, which entries were overriden
or removed as duplicated.
 2021-11-24 06:52:51 -07:00
Todd C. Miller
409410b029 New Persian (Farsi) translation from translationproject.org 2021-11-21 09:53:50 -07:00
Todd C. Miller
cc79038730 Document how to merge sudoers files with cvtsudoers. 2021-11-19 12:29:21 -07:00
Todd C. Miller
3ab280fc61 Fix formatting of links. 2021-11-11 14:19:22 -07:00
Todd C. Miller
781a4fb691 Add contributing guide. 2021-11-11 13:56:36 -07:00
Todd C. Miller
85325a7d2f Add security doc, inspired by the Microsoft template. 2021-11-10 17:26:26 -07:00
Todd C. Miller
289a045a4f Rename "doc" directory to "docs" for better GitHub compatibility. 2021-11-10 16:45:16 -07:00