[sudo-announce] Sudo version 1.6.9 now available

Todd C. Miller Todd.Miller at courtesan.com
Tue Jul 17 11:32:17 EDT 2007

After a long wait, Sudo version 1.6.9 is now available.  Version
1.6.9 incorporates a number of features of the Sudo 1.7 development
branch and fixes several bugs.

Major changes since Sudo 1.6.8p12:

 o The env_reset option is enabled by default.
   Commands run through sudo now receive a minimal environment with
   certain variables passed through and/or checked.  The list of
   variables allowed is configurable via the env_keep and env_check
   options in sudoers.

 o The new -E option will preserve the environment if the SETENV tag
   is set for the command or if the setenv sudoers option is enabled.

 o Environment variables may now be set on the command line in
   the form VAR=value.  They are subject to the same restrictions
   as normal environment variables.  If the SETENV tag is set for
   the command or if the setenv sudoers option is enabled, the user
   may set variables that would otherwise be forbidden.

 o Fixed a file descriptor leak when the lecture file option is enabled.

 o Expanded the list of potentially unsafe variables to remove from
   the environment if the env_reset option is disabled.

 o PAM is now the default on systems that support it.

 o Removed POSIX saved uid use; the stay_setuid option now
   requires the setreuid() or setresuid() functions to work.

 o Reworked configure with up-to-date autoconf and libtool.

 o PAM fixes.  If the user enters ^C at the password prompt,
   abort instead of trying to authenticate with an empty password
   (which causes an annoying delay).  Also call pam_open_session()
   and pam_close_session() to give pam_limits a chance to run.

 o Security fix for Kerberos5.  If we cannot get a valid service
   key using the default keytab it is a fatal error.  Now uses
   krb5_verify_user() and krb5_init_secure_context() if they are

 o Fixed securid5 authentication.

 o Added fcntl F_CLOSEM support to closefrom().

 o Added NOEXEC support for AIX 5.3.

 o Sudo now uses the supplemental group vector for matching.
   This fixes problems with split group lines in /etc/group as well
   as multiple group sources in nsswitch.conf.

 o Mail from sudo now includes an Auto-Submitted: auto-generated
   header a la RFC 3834.

 o Remove the --with-execv option, it was not useful.

 o Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since some
   operating systems have issues with TCSAFLUSH.

 o Use glob(3) instead of fnmatch(3) for matching pathnames and stat()
   each result that matches the basename of the user's command.
   This makes "cd /usr/bin ; sudo ./blah" work when sudoers allows

 o Reworked the syslog long line splitting code.

 o Sudo can now deal with more than 32 network interfaces on Solaris.

 o Visudo will now honor command line arguments in the EDITOR or
   VISUAL environment variables if env_editor is enabled.

 o LDAP now honors rootbinddn, timelimit and bind_timelimit in

 o For LDAP, do a sub tree search instead of a base search (one
   level in the tree only) for sudo right objects.  This allows
   system administrators to categorize the rights in a tree to make
   them easier to manage.

 o Added support for Solaris 10 project resource limits.

 o The sudoers2ldif script now parses Runas users.

 o The -- flag on the command line now behaves as documented.

 o sudo -k/-K no longer prints an error if the timestamp is in the future.

 o When searching for a command, sudo now uses the effective gid
   of the runas user.

 o Sudo no longer updates the timestamp if the user was not validated
   by the sudoers file.

Download links:

For a list of download mirror sites, see:

Sudo web site:

Sudo web site mirrors:

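The environment handling described in the announcement (env_reset, env_keep, env_check, and the SETENV tag), shown as a sudoers fragment. This is an added example, not part of the original announcement or the sudo distribution; the user names and command paths are hypothetical.

```sudoers
# Constructed sudoers fragment; users and command paths are hypothetical.

# The 1.6.9 default, stated explicitly: commands run through sudo
# receive a minimal environment.
Defaults        env_reset

# Variables passed through unchanged, in addition to the built-in list.
Defaults        env_keep += "LANG LC_ALL"

# Variables passed through only if their value passes sudo's check.
Defaults        env_check += "TZ"

# Weak alternative (left commented out): disabling the reset globally
# leaves only the list of known-unsafe variables between the caller's
# environment and the privileged command.
# Defaults      !env_reset

# Narrow exception: only this user, for only this command, may use
# "sudo -E" or VAR=value to supply variables that would otherwise be
# forbidden.
alice   ALL = (root) SETENV: /usr/local/sbin/backup

# No SETENV tag: VAR=value on the command line is subject to the same
# restrictions as the rest of the environment.
bob     ALL = (root) /usr/local/sbin/rotate-logs
```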