[sudo-workers] sudo 1.6.9 beta 4 is now available

Todd C. Miller Todd.Miller at courtesan.com
Fri Jun 22 07:56:11 EDT 2007


The fourth beta version of sudo 1.6.9 is now available.  Unless
further issues are found, this will become the first release candidate
early next week.

You can ftp 1.6.9b4 from:
    ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.6.9b4.tar.gz


The major changes from 1.6.9b3 are:

 o Moved LDAP schema data into separate files.

 o Sudo no longer assumes that gr_mem in struct group is non-NULL.

The major changes from 1.6.9b2 are:

 o Added definition of _PATH_DEVNULL for systems without it.

 o Added support for Solaris 10 project resource limits.

The major changes from 1.6.9b1 are:

 o Fixed problems with the included fnmatch() and glob() functions
   that resulted in a compilation failure on some systems.

The major changes from 1.6.8p12 are:

 o The environment is no longer preserved by default.  Commands run
   through sudo now receive a minimal environment with certain
   variables passed through and/or checked.  The list of variables
   allowed is configurable via the env_keep and env_check options
   in sudoers.

 o Fixed a file descriptor leak when the lecture file option is enabled.

 o Added to the list of variables to remove from the environment.

 o Fixed a Kerberos V security issue that could allow a
   user to authenticate using a fake KDC.

 o Pulled in updated configure and libtool from sudo 1.7.

 o PAM is now the default on systems where it is supported.

 o Removed POSIX saved uid use; the stay_setuid option now
   requires the setreuid() or setresuid() functions to work.

 o Regenerated configure with up to date autoconf and libtool.

 o Fixed fd leak when lecture file option is enabled.

 o Removed use of POSIX saved uids.  The stay_setuid
   option now requires setreuid() or setresuid().

 o PAM fixes.  If the user enters ^C at the password prompt,
   abort instead of trying to authenticate with an empty password
   (which causes an annoying delay).  Also call pam_open_session()
   and pam_close_session() to give pam_limits a chance to run.

 o Security fix for Kerberos5.  If we cannot get a valid service
   key using the default keytab it is a fatal error.  Now uses
   krb5_verify_user() and krb5_init_secure_context() if they
   are available.

 o Fixed securid5 authentication.

 o Added fcntl F_CLOSEM support to closefrom().

 o Added NOEXEC support for AIX 5.3.

 o Sudo now uses the supplemental group vector for matching.
   This fixes problems with split group lines in /etc/group
   as well as multiple group sources in nsswitch.conf.

 o Added more environment variables to remove by default.

 o Mail from sudo now includes an Auto-Submitted: auto-generated
   header a la RFC 3834.

 o Reworked the environment handling code.

 o Remove the --with-execv option, it was not useful.

 o Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since
   some OSes have issues with TCSAFLUSH.

 o Use glob(3) instead of fnmatch(3) for matching pathnames
   and stat() each result that matches the basename of the user's
   command.  This makes "cd /usr/bin ; sudo ./blah" work when
   sudoers allows /usr/bin/blah.

 o Reworked the syslog long line splitting code based on changes
   from Eygene Ryabinkin.

 o Sudo can now deal with more than 32 network interfaces on
   Solaris.

 o Visudo will now honor command line arguments in the EDITOR or
   VISUAL environment variables if env_editor is enabled.

 o LDAP now honors rootbinddn, timelimit and bind_timelimit in
   /etc/ldap.conf.

 o For LDAP, do a sub tree search instead of a base search (one
   level in the tree only) for sudo right objects.  This allows
   system administrators to categorize the rights in a tree to
   make them easier to manage.

 - todd
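
The glob(3)/stat() pathname matching item above, sketched as an added example; this is not code from the sudo source tree. The names command_matches() and run_demo(), the temporary directory, and the choice to compare stat() results by device and inode number are assumptions made for illustration.

```c
/* Added illustration; not sudo's source. Function names are hypothetical. */
#include <fcntl.h>
#include <glob.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

static const char *base_of(const char *p) {
    const char *s = strrchr(p, '/');
    return s ? s + 1 : p;
}

/* Returns 1 if user_cmd is the same file (device and inode) as some expansion
 * of the sudoers pathname pattern; the path strings need not be equal. */
int command_matches(const char *sudoers_pat, const char *user_cmd) {
    struct stat ust, pst;
    glob_t gl;
    int found = 0;

    memset(&gl, 0, sizeof(gl));
    if (stat(user_cmd, &ust) == 0 && glob(sudoers_pat, 0, NULL, &gl) == 0) {
        for (size_t i = 0; i < gl.gl_pathc && !found; i++) {
            /* Basename filter first, so stat() runs only on candidates. */
            if (strcmp(base_of(gl.gl_pathv[i]), base_of(user_cmd)) != 0)
                continue;
            found = stat(gl.gl_pathv[i], &pst) == 0 &&
                    pst.st_dev == ust.st_dev && pst.st_ino == ust.st_ino;
        }
    }
    globfree(&gl);
    return found;
}

/* Constructed fixture: <dir>/blah and <dir>/sub/blah, with cwd set to <dir>. */
int run_demo(void) {
    char dir[64], pat[80], star[80];
    snprintf(dir, sizeof(dir), "/tmp/globdemo.%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0 || chdir(dir) != 0 || mkdir("sub", 0700) != 0)
        return -1;
    close(open("blah", O_CREAT | O_WRONLY, 0700));
    close(open("sub/blah", O_CREAT | O_WRONLY, 0700));
    snprintf(pat, sizeof(pat), "%s/blah", dir);
    snprintf(star, sizeof(star), "%s/*", dir);
    return command_matches(pat, "./blah")            /* bit 0: same file     */
         | (command_matches(star, "./blah") << 1)    /* bit 1: wildcard rule */
         | (command_matches(pat, "sub/blah") << 2);  /* bit 2: other inode   */
}

int main(void) { printf("%d\n", run_demo()); return 0; }
```

A relative "./blah" matches both the literal and the wildcard rule, while "sub/blah", which shares only the basename, is rejected because it is a different file.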


