Date: Sun, 02 Aug 2020 16:46:47 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 248434] security/acme: Backport fix for running under sudo Message-ID: <bug-248434-7788-yQdNJzUoVM@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-248434-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-248434-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D248434 --- Comment #4 from John W. O'Brien <john@saltant.com> --- (In reply to Dan Langille from comment #3) That sounds about right. At a high level, it recognizes any command ending = with "/bin/su" and any command found in /etc/shells as a sane sudo environment, = and anything else as sufficiently problematic to warrant scolding the user and requiring --force. Without this patch, only /bin/su (exact) and /bin/bash (exact) are consider= ed sane, which means doing something obvious like sudo -i -u acme acme.sh # ... triggers the scolding on FreeBSD. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-248434-7788-yQdNJzUoVM>