rpms/sudo/devel sudo-1.6.8p12-requiretty.patch, NONE, 1.1 sudo.spec, 1.39, 1.40

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Mon May 29 12:51:25 UTC 2006 

Author: kzak

Update of /cvs/dist/rpms/sudo/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv15061

Modified Files:
	sudo.spec 
Added Files:
	sudo-1.6.8p12-requiretty.patch 
Log Message:
added requirettyp to the default sudoers

sudo-1.6.8p12-requiretty.patch:
 sudoers |    2 ++
 1 files changed, 2 insertions(+)

--- NEW FILE sudo-1.6.8p12-requiretty.patch ---
--- sudo-1.6.8p12/sudoers.tty	2006-05-29 14:40:18.000000000 +0200
+++ sudo-1.6.8p12/sudoers	2006-05-29 14:46:37.000000000 +0200
@@ -13,6 +13,8 @@
 
 # Defaults specification
 
+Defaults    requiretty
+
 Defaults    env_reset
 Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
                         LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \


Index: sudo.spec
===================================================================
RCS file: /cvs/dist/rpms/sudo/devel/sudo.spec,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- sudo.spec	23 May 2006 14:40:10 -0000	1.39
+++ sudo.spec	29 May 2006 12:51:22 -0000	1.40
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users.
 Name: sudo
 Version: 1.6.8p12
-Release: 5
+Release: 6
 License: BSD
 Group: Applications/System
 Source: http://www.courtesan.com/sudo/dist/sudo-%{version}.tar.gz
@@ -17,8 +17,10 @@
 Patch2: sudo-1.6.8p8-pam-sess.patch
 # don't strip
 Patch3: sudo-1.6.7p5-strip.patch
-# Default sudoers
+# Default sudoers: reset env.
 Patch4: sudo-1.6.8p12-env-reset.patch
+# Default sudoers; require tty (#190062)
+Patch5: sudo-1.6.8p12-requiretty.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -36,6 +38,7 @@
 %patch2 -p1 -b .sess
 %patch3 -p1 -b .strip
 %patch4 -p1 -b .env_reset
+%patch4 -p1 -b .tty
 
 %build
 %ifarch s390 s390x
@@ -99,6 +102,9 @@
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Mon May 29 2006 Karel Zak <kzak at redhat.com> 1.6.8p12-6
+- fix #190062 - "ssh localhost sudo su" will show the password in clear
+
 * Tue May 23 2006 Karel Zak <kzak at redhat.com> 1.6.8p12-5
 - add LDAP support (#170848)

More information about the fedora-cvs-commits mailing list