[sudo-announce] Sudo version 1.6.8 now available

Todd C. Miller Todd.Miller at courtesan.com
Fri Aug 20 22:33:30 EDT 2004

After a long wait, Sudo version 1.6.8 is now available.  It's taken
a while but version 1.6.8 includes some exciting new features.

It is also the first release for which I am offering commercial
support.  If your organization uses Sudo please consider purchasing
a support contract to help fund addition Sudo development.  Please
see http://www.sudo.ws/support.html

Alternately, you can help out by "purchasing" a copy of Sudo or
making a donation at http://www.sudo.ws/purchase.html

Sudo is still free software and I intend for it to remain so but
as I currently lack regular employment I am asking for help from
the Sudo community.  Your support will enable me to continue to
improve Sudo and complete projects such as a proper user's manual
and a major rewrite of large portions of Sudo.

Enough of the commercial, now on to the good part...

Major changes since Sudo 1.6.7p5:

 o LDAP support: sudoers info may be stored in LDAP
   (optionally using TLS).

 o There is a new -e option to edit files the with uid of the
   invoking user.  This makes it possible to give users to ability
   to safely edit files without the possibility of editing other
   files or running commands as the target user.  If sudo is run
   as "sudoedit" the -e flag is implied.

 o A new tag, NOEXEC, will prevent a dynamically-linked program
   being run by sudo from executing another program (think shell
   escapes). Because this uses LD_PRELOAD it has no effect on static

 o Added a -i option to simulate an initial login similar to "su -".

 o If sudo is used to run as root shell, further sudo commands will
   be logged as run by the user specified by the SUDO_USER environment
   variable.  In -e mode (sudoedit), SUDO_USER is used to determine
   what user to run the editor when the real uid is 0.

 o The sudoers file is now parsed as the runas user in all cases
   instead of root.  This fixes some issues with running NFS-mounted

 o If the target user is the same as the invoking user a password
   is no longer required.

 o Sudo now produces a sensible error message when the targetpw
   Defaults option is set and a non-existent uid is specified via
   the -u option.

 o A negated user/uid in a runas list is now treated the same as a
   negated command and overrides a previously allowed entry.

 o PAM support now uses Use pam_acct_mgmt() to check for disabled

 o Added a check in visudo for runas_default being used before it
   was set.

 o Fixed several issues when closing all open descriptors.  Sudo
   now uses closefrom() if it exists, otherwise it uses /proc/$$/fd
   if that exists with a fallback of closing all possible descriptors.

 o Quoting globbing characters with a backslash now works as

 o Fixed a problem on FreeBSD (and perhaps others) when the user
   is only listed in NIS (not master.passwd) and netgroups are used
   in the master.passwd file.

 o The username in a log entry is no longer truncated at 8 characters.

 o Added a "sudo_lecture" option that can point to a file containing
   a custom lecture.

 o /tmp/.odus is no longer used for timestamps by default.

 o Fixed the --with-stow configure option.

 o TIS fwtk authentication now supports fwtk 2.0 and higher.

 o Added Stan Lee / Uncle Ben quote to the lecture from RedHat.

 o Added the --with-pc-insults configure to replace politically
   incorrect insults with other ones.

Master Web Site:

Web Site Mirrors:
    http://sudo.stikman.com/ (Los Angeles, California, USA)
    http://mirage.informationwave.net/sudo/ (Fanwood, New Jersey, USA)
    http://www.mrv2k.net/sudo/ (Bend, Oregon, USA)
    http://www.signal42.com/mirrors/sudo_www/ (USA)
    http://sudo.xmundo.net/ (Argentina)
    http://sudo.planetmirror.com/ (Australia)
    http://sunshine.lv/sudo/ (Latvia)
    http://rexem.uni.cc/sudo/ (Kaunas, Lithuania)
    http://sudo.cdu.elektra.ru/ (Russia)
    http://sudo.nctu.edu.tw/ (Taiwan)

FTP Mirrors:
    ftp://anonopenbsd.cs.colorado.edu/pub/sudo/ (Boulder, Colorado, USA)
    ftp://ftp.cs.colorado.edu/pub/sudo/ (Boulder, Colorado, USA)
    ftp://obsd.isc.org/pub/sudo/ (Redwood City, California, USA)
    ftp://ftp.stikman.com/pub/sudo/ (Los Angeles, California, USA)
    ftp://ftp.tux.org/pub/security/sudo/ (Beltsville, Maryland, USA)
    ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/sudo/ (West Lafayette, Indiana, USA)
    ftp://ftp.uwsg.indiana.edu/pub/security/sudo/ (Bloomington, Indiana, USA)
    ftp://ftp.rge.com/pub/admin/sudo/ (Rochester, New York, USA)
    ftp://sudo.xmundo.net/pub/mirrors/sudo/ (Argentina)
    ftp://ftp.wiretapped.net/pub/security/host-security/sudo/ (Australia)
    ftp://ftp.tuwien.ac.at/utils/admin-tools/sudo/ (Austria)
    ftp://sunsite.ualberta.ca/pub/Mirror/sudo/ (Alberta, Canada)
    ftp://ftp.csc.cuhk.edu.hk/pub/packages/unix-tools/sudo/ (Hong Kong, China)
    ftp://ftp.eunet.cz/pub/security/sudo/ (Czechoslovakia)
    ftp://ftp.ujf-grenoble.fr/sudo/ (France)
    ftp://netmirror.org/ftp.sudo.ws/ (Frankfurt, Germany)
    ftp://ftp.win.ne.jp/pub/misc/sudo/ (Japan)
    ftp://ftp.st.ryukoku.ac.jp/pub/security/tool/sudo/ (Japan)
    ftp://ftp.cin.nihon-u.ac.jp/pub/misc/sudo/ (Japan)
    ftp://core.ring.gr.jp/pub/misc/sudo/ (Japan)
    ftp://ftp.ring.gr.jp/pub/misc/sudo/ (Japan)
    ftp://ftp.ayamura.org/pub/sudo/ (Japan)
    ftp://ftp.tpnet.pl/d6/ftp.sudo.ws/ (Poland)
    ftp://ftp.cdu.elektra.ru/pub/unix/security/sudo/ (Russia)
    ftp://ftp.nsysu.edu.tw/Unix/Security/Sudo/ (Taiwan)

HTTP Mirrors:
    http://www.rge.com/pub/admin/sudo/ (Rochester, New York, USA)
    http://probsd.org/sudoftp/ (East Coast, USA)
    http://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/sudo/ (West Lafayette, Indiana, USA)
    http://www.signal42.com/mirrors/sudo_ftp/ (California, USA)
    http://netmirror.org/mirror/ftp.sudo.ws/ (Frankfurt, Germany)
    http://core.ring.gr.jp/archives/misc/sudo/ (Japan)
    http://www.ring.gr.jp/archives/misc/sudo/ (Japan)
    http://ftp.tpnet.pl/vol/d6/ftp.sudo.ws/ (Poland)
    http://sudo.tsuren.net/dist/ (Moscow, Russian Federation)
    http://ftp.nsysu.edu.tw/Unix/Security/Sudo/ (Taiwan)

More information about the sudo-announce mailing list