Author: archaic
Date: 2005-12-21 20:32:33 -0700 (Wed, 21 Dec 2005)
New Revision: 5453
Modified:
trunk/BOOK/general.ent
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/postlfs/security/sudo.xml
Log:
Removed the obsolete sed in sudo and added a note to use visudo to edit the
sudoers file.
Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent 2005-12-20 23:50:47 UTC (rev 5452)
+++ trunk/BOOK/general.ent 2005-12-22 03:32:33 UTC (rev 5453)
@@ -1,8 +1,8 @@
-<!ENTITY day "20">
+<!ENTITY day "21">
<!ENTITY month "12">
<!ENTITY year "2005">
<!ENTITY version "svn-&year;&month;&day;">
-<!ENTITY releasedate "December &day;th, &year;">
+<!ENTITY releasedate "December &day;st, &year;">
<!ENTITY pubdate "&year;-&month;-&day;"> <!-- metadata req. by TLDP -->
<!ENTITY blfs-version "svn"> <!-- svn|[release #] -->
<!ENTITY lfs-version "development"> <!--
version|stable|testing|unstable|development] -->
Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml 2005-12-20 23:50:47 UTC
(rev 5452)
+++ trunk/BOOK/introduction/welcome/changelog.xml 2005-12-22 03:32:33 UTC
(rev 5453)
@@ -40,7 +40,17 @@
</listitem>
-->
+ <listitem>
+ <para>December 21st, 2005</para>
+ <itemizedlist>
+ <listitem>
+ <para>[archaic] - Removed the obsolete sed in sudo and added a note
to
+ use visudo to edit the sudoers file.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
<listitem>
<para>December 20th, 2005</para>
<itemizedlist>
Modified: trunk/BOOK/postlfs/security/sudo.xml
===================================================================
--- trunk/BOOK/postlfs/security/sudo.xml 2005-12-20 23:50:47 UTC (rev
5452)
+++ trunk/BOOK/postlfs/security/sudo.xml 2005-12-22 03:32:33 UTC (rev
5453)
@@ -83,8 +83,7 @@
<para>Install <application>sudo</application> by running
the following commands:</para>
-<screen><userinput>sed -i -e 's/CDPATH",/&\n "SHELLOPTS",\n "PS4",/'
env.c
-./configure --prefix=/usr --libexecdir=/usr/lib \
+<screen><userinput>./configure --prefix=/usr --libexecdir=/usr/lib \
--enable-noargs-shell --with-ignore-dot --with-all-insults \
--enable-shell-sets-home &&
make</userinput></screen>
@@ -98,11 +97,6 @@
<sect2 role="commands">
<title>Command Explanations</title>
- <para><command>sed -i -e 's/CDPATH",/&\n "SHELLOPTS",\n "PS4",/'
- env.c</command>: This command adds two environment variables to a list of
- variables to be excluded from the target environment. It solves a
- security problem.</para>
-
<para><option>--enable-noargs-shell</option>: This switch allows
<application>sudo</application> to run a shell if invoked with no
arguments.</para>
@@ -159,6 +153,14 @@
<para>For details, see <command>man sudoers</command>.</para>
+ <note>
+ <para>The <application>Sudo</application> developers highly recommend
+ using the <command>visudo</command> program to edit the
+ <filename>sudoers</filename> file. This will provide basic sanity
+ checking like syntax parsing and file permission to avoid some possible
+ mistakes that could lead to a vulnerable configuration.</para>
+ </note>
+
</sect3>
</sect2>
@@ -172,7 +174,7 @@
<segtitle>Installed Directories</segtitle>
<seglistitem>
- <seg>sudo and sudoedit</seg>
+ <seg>sudo, sudoedit, and visudo</seg>
<seg>sudo_noexec.so</seg>
<seg>None</seg>
</seglistitem>
@@ -207,6 +209,18 @@
</listitem>
</varlistentry>
+ <varlistentry id="visudo">
+ <term><command>visudo</command></term>
+ <listitem>
+ <para>allows for safer editing of the <filename>sudoers</filename>
+ file.</para>
+ <indexterm zone="sudo visudo">
+ <primary sortas="b-visudo">visudo</primary>
+ </indexterm>
+ </listitem>
+ </varlistentry>
+
+
<varlistentry id="sudo_noexec">
<term><filename class='libraryfile'>sudo_noexec.so</filename></term>
<listitem>
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
