From wiki at gaydar.zp.ua Sun Jun 8 07:31:20 2008
From: wiki at gaydar.zp.ua (Victor)
Date: Sun, 8 Jun 2008 14:31:20 +0300
Subject: [sudo-workers] disable -s
Message-ID: <20080608113120.GA10522@radiocom.net.ua>

Hi All!

Sorry, I see that the question in the subject came up some time ago.
But now I have a situation where my users use commands such as
"sudo -s -u root", and this does not save logging information about
the entered commands.

Maybe we can add a new option in the source core to disable it?


From Todd.Miller at courtesan.com Sun Jun 8 14:08:51 2008
From: Todd.Miller at courtesan.com (Todd C. Miller)
Date: Sun, 08 Jun 2008 14:08:51 -0400
Subject: [sudo-workers] disable -s
In-Reply-To: Your message of "Sun, 08 Jun 2008 14:31:20 +0300." <20080608113120.GA10522@radiocom.net.ua>
References: <20080608113120.GA10522@radiocom.net.ua>
Message-ID: <200806081808.m58I8pd3013561@core.courtesan.com>

In message <20080608113120.GA10522 at radiocom.net.ua>
	so spake Victor (wiki):

> Sorry, I see that the question in the subject came up some time ago.
> But now I have a situation where my users use commands such as
> "sudo -s -u root", and this does not save logging information about
> the entered commands.
>
> Maybe we can add a new option in the source core to disable it?

There's nothing magic about "sudo -s", it will only allow the user
to run a shell if the sudoers file allows it.  It is simply shorthand
for "sudo $SHELL".  If you don't want your users to be able to run
a shell, their sudoers entries just have to reflect that.

 - todd


From wiki at gaydar.zp.ua Mon Jun 9 10:36:25 2008
From: wiki at gaydar.zp.ua (Victor)
Date: Mon, 9 Jun 2008 17:36:25 +0300
Subject: [sudo-workers] disable -s
In-Reply-To: <200806081808.m58I8pd3013561@core.courtesan.com>
References: <20080608113120.GA10522@radiocom.net.ua> <200806081808.m58I8pd3013561@core.courtesan.com>
Message-ID: <20080609143625.GA41199@radiocom.net.ua>

Hi, Todd!

Sun, Jun 08, 2008 at 02:08:51PM -0400, Todd C. Miller wrote:
> In message <20080608113120.GA10522 at radiocom.net.ua>
> 	so spake Victor (wiki):
>
> > Sorry, I see that the question in the subject came up some time ago.
> > But now I have a situation where my users use commands such as
> > "sudo -s -u root", and this does not save logging information about
> > the entered commands.
> >
> > Maybe we can add a new option in the source core to disable it?
>
> There's nothing magic about "sudo -s", it will only allow the user
> to run a shell if the sudoers file allows it.  It is simply shorthand
> for "sudo $SHELL".  If you don't want your users to be able to run
> a shell, their sudoers entries just have to reflect that.

Sorry, maybe you can show me a hint?

>
>  - todd

-- 
UV-RIPE


From Todd.Miller at courtesan.com Tue Jun 10 21:31:19 2008
From: Todd.Miller at courtesan.com (Todd C. Miller)
Date: Tue, 10 Jun 2008 21:31:19 -0400
Subject: [sudo-workers] sudo 1.7.0rc2 released
Message-ID: <200806110131.m5B1VJ61013886@core.courtesan.com>

This is the second release candidate of sudo version 1.7.0.  I'd love
to hear reports of success (or failure!) in real-world environments.

Download links:
    http://www.sudo.ws/sudo/dist/beta/sudo-1.7.0rc2.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.7.0rc2.tar.gz

Changes from Sudo 1.7.0rc1:

 * Added instructions for using sudo's LDAP support with Active Directory.

 * Now ignore SIGPIPE instead of blocking it when sending mail.

What's new in Sudo 1.7?

 * Rewritten parser that converts sudoers into a set of data structures.
   This eliminates a number of ordering issues and makes it possible to
   apply sudoers Defaults entries before searching for the command.
   It also adds support for per-command Defaults specifications.

 * Sudoers now supports a #include facility to allow the inclusion of
   other sudoers-format files.

 * Sudo's -l (list) flag has been enhanced:
    o applicable Defaults options are now listed
    o a command argument can be specified for testing whether a user
      may run a specific command.
    o a new -U flag can be used in conjunction with "sudo -l" to allow
      root (or a user with "sudo ALL") to list another user's privileges.

 * A new -g flag has been added to allow the user to specify a primary
   group to run the command as.  The sudoers syntax has been extended
   to include a group section in the Runas specification.

 * A uid may now be used anywhere a username is valid.

 * The "secure_path" run-time Defaults option has been restored.

 * Password and group data is now cached for fast lookups.

 * The file descriptor at which sudo starts closing all open files is
   now configurable via sudoers and, optionally, the command line.

 * Visudo will now warn about aliases that are defined but not used.

 * The -i and -s command line flags now take an optional command to be
   run via the shell.  Previously, the argument was passed to the shell
   as a script to run.

 * Improved LDAP support.  SASL authentication may now be used when
   connecting to an LDAP server.  The krb5_ccname parameter in ldap.conf
   may be used to enable Kerberos.

 * Support for /etc/nsswitch.conf.  LDAP users may now use nsswitch.conf
   to specify the sudoers order.  E.g.:
       sudoers: ldap files
   to check LDAP, then /etc/sudoers.  The default is "files", even when
   LDAP support is compiled in.  This differs from sudo 1.6 where LDAP
   was always consulted first.

 * Support for /etc/environment on AIX and Linux.  If sudo is run with
   the -i flag, the contents of /etc/environment are used to populate
   the new environment that is passed to the command being run.

 * If no terminal is available or if the new -A flag is specified, sudo
   will use a helper program to read the password if one is configured.
   Typically, this is a graphical password prompter such as ssh-askpass.

 * A new Defaults option, "mailfrom", that sets the value of the "From:"
   field in the warning/error mail.  If unspecified, the login name of
   the invoking user is used.
 * A new flag, -n, may be used to indicate that sudo should not prompt
   the user for a password and, instead, exit with an error if
   authentication is required.


From haralevi at inf.fu-berlin.de Thu Jun 26 18:48:04 2008
From: haralevi at inf.fu-berlin.de (Andre Haralevi)
Date: Fri, 27 Jun 2008 00:48:04 +0200
Subject: [sudo-workers] Security Assurance in FOSS: Request for contribution
Message-ID: <200806262248.m5QMmFO5002304@core.courtesan.com>

Dear members of the Sudo project,

we kindly ask for your participation in our survey on security assurance
in free/open source software.  Security assurances are confidence building
activities through structured design processes, documentation, and
testing.  By participating in our survey you contribute to ongoing
research with the aim to make free/open source software more secure.

It will not take more than 10 minutes of your valuable time for our 21
questions.  Our survey is online for the next two weeks until July 1 at:

    http://survey.mi.fu-berlin.de/public/survey.php?name=fosssecurity

The survey is anonymous.  Please find the results of the survey on the
project page during July:

    https://www.inf.fu-berlin.de/w/SE/FOSSSecuritySurvey

For further information about Open Source research at the Research Group
Software Engineering at Freie Universitaet Berlin, please visit:

    https://www.inf.fu-berlin.de/w/SE/FOSSHome

Thank you in anticipation,

Sascha Rasmussen, Alexander Kunze, and Andre Haralevi

In case you participate in more than one FOSS project, please fill out
the questionnaire for the one where security is most important, or fill
out one questionnaire per project.  Thank you!
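The sudoers restriction Todd describes in the "disable -s" thread above, together with the Runas-group, per-command Defaults and #include syntax listed in the 1.7.0rc2 announcement, as one added example. It is not taken from any message in this archive or from the sudo distribution. The user name victor, the group ops and the command paths are assumptions chosen for illustration.

```sudoers
# Added example, not from the thread or from the sudo distribution.
# Assumed for illustration: a user "victor", a group "ops", and the
# command paths below.

# "sudo -s" is shorthand for "sudo $SHELL".  With this entry the shell is
# permitted, so "sudo -s -u root" works, and sudo logs one line for the
# shell itself and nothing for the commands typed inside it.  Kept here
# commented out as the entry that lets -s through.
# victor  ALL = (ALL) ALL

# Positive list instead.  No shell is granted, so both "sudo -s" and
# "sudo /bin/sh" are refused, and each permitted command is a separate
# sudo invocation with its own log line.  Arguments are part of the
# match: the tail entry allows exactly that file and nothing else.
Cmnd_Alias  VICTOR_CMDS = /usr/sbin/service, /usr/bin/tail /var/log/messages
victor      ALL = (root) VICTOR_CMDS

# Tempting but weak: "ALL, !SHELLS" denies only the listed paths.  The
# sudoers manual warns that the user can copy /bin/sh to another name and
# run that copy, so this is no substitute for the positive list above.
# Cmnd_Alias  SHELLS = /bin/sh, /bin/bash, /bin/ksh
# victor      ALL = ALL, !SHELLS

# sudo 1.7 syntax from the rc2 announcement:
# - Runas specification with a group section (selected with -g wheel)
%ops        ALL = (root : wheel) /usr/bin/make
# - per-command Defaults, applied only when VICTOR_CMDS matches
Defaults!VICTOR_CMDS  env_keep += "LANG LC_ALL"
# - inclusion of another sudoers-format file
#include /etc/sudoers.local
```

The log difference is the whole point of the thread: with the blanket ALL entry syslog records the shell and nothing after it, while with the positive list every permitted command is its own sudo invocation and therefore its own log line. Check an edited file with visudo -c before it goes live, and on 1.7 use the enhanced list flag, for example "sudo -l -U victor /bin/sh", which exits non-zero when the shell is not permitted for that user.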