rpms/sudo/devel sudo-1.6.8p12-requiretty.patch, NONE, 1.1 sudo.spec, 1.39, 1.40
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon May 29 12:51:25 UTC 2006
Author: kzak
Update of /cvs/dist/rpms/sudo/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv15061
Modified Files:
sudo.spec
Added Files:
sudo-1.6.8p12-requiretty.patch
Log Message:
added requirettyp to the default sudoers
sudo-1.6.8p12-requiretty.patch:
sudoers | 2 ++
1 files changed, 2 insertions(+)
--- NEW FILE sudo-1.6.8p12-requiretty.patch ---
--- sudo-1.6.8p12/sudoers.tty 2006-05-29 14:40:18.000000000 +0200
+++ sudo-1.6.8p12/sudoers 2006-05-29 14:46:37.000000000 +0200
@@ -13,6 +13,8 @@
# Defaults specification
+Defaults requiretty
+
Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
Index: sudo.spec
===================================================================
RCS file: /cvs/dist/rpms/sudo/devel/sudo.spec,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- sudo.spec 23 May 2006 14:40:10 -0000 1.39
+++ sudo.spec 29 May 2006 12:51:22 -0000 1.40
@@ -1,7 +1,7 @@
Summary: Allows restricted root access for specified users.
Name: sudo
Version: 1.6.8p12
-Release: 5
+Release: 6
License: BSD
Group: Applications/System
Source: http://www.courtesan.com/sudo/dist/sudo-%{version}.tar.gz
@@ -17,8 +17,10 @@
Patch2: sudo-1.6.8p8-pam-sess.patch
# don't strip
Patch3: sudo-1.6.7p5-strip.patch
-# Default sudoers
+# Default sudoers: reset env.
Patch4: sudo-1.6.8p12-env-reset.patch
+# Default sudoers; require tty (#190062)
+Patch5: sudo-1.6.8p12-requiretty.patch
%description
Sudo (superuser do) allows a system administrator to give certain
@@ -36,6 +38,7 @@
%patch2 -p1 -b .sess
%patch3 -p1 -b .strip
%patch4 -p1 -b .env_reset
+%patch4 -p1 -b .tty
%build
%ifarch s390 s390x
@@ -99,6 +102,9 @@
/bin/chmod 0440 /etc/sudoers || :
%changelog
+* Mon May 29 2006 Karel Zak <kzak at redhat.com> 1.6.8p12-6
+- fix #190062 - "ssh localhost sudo su" will show the password in clear
+
* Tue May 23 2006 Karel Zak <kzak at redhat.com> 1.6.8p12-5
- add LDAP support (#170848)
More information about the fedora-cvs-commits
mailing list