[sudo-users] sudo update for older OS X versions available
Todd C. Miller
Todd.Miller at courtesan.com
Fri Nov 22 13:59:57 MST 2013
It's unfortunate that Apple chooses not to update to sudo 1.8.x.
They are the only vendor still shipping 1.7.x for new releases as
far as I know. I don't know why they choose to not ship sudoedit
and sudoreplay--that seems short-sighted. I suppose they assume
people only use sudo as a way to have unlimited root access.
Thanks for breaking down the various patches. It's unfortunate
that Apple doesn't bother to send potential fixes upstream. In
case you are curious:
This is due to libdispatch having file descriptors open even
when grand central dispatch is not in use. Closing the libdispatch
descriptors will cause a crash when executing the command. A
similar Apple-specific change is already in sudo 1.8.x.
This may be due to a bug in xnu, the Mac OS X kernel that I
reported in May of 2010. Apple's bug database is not public
but I made a copy of the report here:
This patch is dangerous because it could lead to an infinite
loop if sudo is not the foreground process.
You might want take a look at the mkpkg script included with sudo.
It will build .pkg files installable on a Mac. By default it builds
newer style flat packages but the pp script also supports older
style package bundles if you need it to.
More information about the sudo-users