On Wed, 2019-05-15 at 02:42:56 +0930, Dan Streetman wrote: > in Ubuntu, sudo retains the calling user's $HOME > > this is different from upstream sudo as well as all other UNIXes and > even the sudo documentation we provide. Should we remove our custom > patch that adds this behavior?
I would argue that our current behaviour provides a more usable default (eg. running vim via sudo uses your own configuration so you don't have to maintain a copy of it in /root) and in the case of a machine with multiple sudo users, they all get to use their own configuration rather than a single configuration under /root. However, it does diverge from upstream and so for new users this creates a surprising situation if they are used to and expect the upstream behaviour - (see comments 6 and 7 in https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140) - plus it seems we do not document this change in the man page and so we are creating even more surprises for our users. From a security point of view I do not see any advantage from either behaviour, so it is really more a usability question IMO. > > for reference and more details on downsides of our current sudo behavior, see: > https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1556302 > > Note that I have kind-of hijacked the bug, as I believe the issue is > larger than the python-based example in that bug. > > Also as I commented in that bug, I do not recommend changing the > behavior for existing releases. But I do think we should change the > behavior starting in Eoan and future releases. I agree if this is changed we should not try and SRU it back. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
