Date: Fri, 10 Sep 2010 17:52:22 GMT From: Maxim Ignatenko <gelraen.ua@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/150478: security/sudo 1.7.4.4 - option SHELL_SETS_HOME is always on Message-ID: <201009101752.o8AHqMi2096653@www.freebsd.org> Resent-Message-ID: <201009101800.o8AI09vU046176@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 150478 >Category: ports >Synopsis: security/sudo 1.7.4.4 - option SHELL_SETS_HOME is always on >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Sep 10 18:00:08 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Maxim Ignatenko >Release: 8-STABLE >Organization: Kiev National Taras Shevchenko University >Environment: >Description: After updating sudo to version 1.7.4.4 I've noticed that it behaves like if option SHELL_SETS_HOME was enabled during build. [20:47:43|imax@kitty:~]% printenv HOME /home/imax [20:47:50|imax@kitty:~]% sudo -s kitty# printenv HOME /root kitty# [20:48:10|imax@kitty:~]% grep SHELL_SETS_HOME /var/db/ports/sudo/options WITHOUT_SHELL_SETS_HOME=true [20:48:26|imax@kitty:~]% pkg_info|grep sudo sudo-1.7.4.4 Allow others to run commands as root I've tried to manually run sudo's ./configure with "--disable-shell-sets-home" and build it - result was the same, so it's probably problem of sudo itself, not FreeBSD port. >How-To-Repeat: 1) update sudo to 1.7.4.4 2) execute "sudo -s" >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201009101752.o8AHqMi2096653>