[sudo-workers] sudo 1.8.5b6 available

Todd C. Miller Todd.Miller at courtesan.com
Fri Apr 6 14:38:52 EDT 2012

The sixth beta version of sudo 1.8.5 is now available.


Binary packages:

Major changes between sudo 1.8.5b6 and 1.8.5b5:

 * Sudo now behaves properly on systems that send SIGTSTP before
   SIGHUP when the user's pty is revoked.  This can happen when the
   window the session is running in is killed.

Major changes between sudo 1.8.5b5 and 1.8.5b4:

 * Sudo can now detect when a user has logged out and back in
   again on Solaris 11 when tty-based time stamps are in use.

 * When debugging is enabled, calls to warning() or error() will
   now log the error string to the debug file.  The function, file
   and line number are also logger for warning(), warningx(), error()
   and errorx().

 * Fixed a bug where sudo would exit before calling the plugin
   close function when select() returns an error due to the
   terminal device being invalidated when the session is closed.
   This can happen when the window the session is running in is

Major changes between sudo 1.8.5b4 and 1.8.5b3:

 * Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers
   to sudo_noexec.c.

 * Fix compat setutxent and endutxent macros for systems with
   setutent() but not setutxent().

Major changes between sudo 1.8.5b3 and 1.8.5b2:

 * Updated the bundled zlib to version 1.2.6.

 * If the "timestampowner" user cannot be resolved, use ROOT_UID
   instead of exiting with a fatal error.

 * Fixed compiler warnings on some platforms.

 * Fix parsing of Path askpass and Path noexec in sudo.conf.

 * The cancel button on an askpass GUI program now exits the password
   prompt loop on PAM systems.

 * When initializing the environment for env_reset, start out with
   the contents of /etc/environment on AIX and login.conf on BSD.

 * Swedish sudo and sudoers translations from translationproject.org.

Major changes between sudo 1.8.5b2 and 1.8.5b1:

 * Fixed a potential double free exposed by changes in 1.8.5b1.

Major changes between sudo 1.8.5b1 and 1.8.4p4:

 * When "noexec" is enabled, sudo_noexec.so will now be prepended
   to any existing LD_PRELOAD variable instead of replacing it.

 * The user/group/mode checks on sudoers files have been relaxed.
   As long as the file is owned by the sudoers uid, not world-writable
   and not writable by a group other than the sudoers gid, the file
   is considered OK.  Note that visudo will still set the mode to
   the value specified at configure time.

 * It is now possible to specify the sudoers path, uid, gid and
   file mode as options to the plugin in the sudo.conf file.

 * Lithuanian and Vietnamese translations from translationproject.org.

 * /etc/environment is no longer read directly on Linux systems
   when PAM is used.  Sudo now merges the PAM environment into the
   user's environment which is typically set by the pam_env module.

 * The plugin API has been extended in three ways.  First, options
   specified in sudo.conf after the plugin pathname are passed to
   the plugin's open function.  Second, sudo has limited support
   for hooks that can be used by plugins.  Currently, the hooks are
   limited to environment handling functions.  Third, the init_session
   policy plugin function is passed a pointer to the user environment
   which can be updated during session setup.  The plugin API version
   has been incremented to version 1.2.  See the sudo_plugin manual
   for more information.

More information about the sudo-workers mailing list