[Bug 258479] [PATCH] security/sudo: sudo 1.9.8 released
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 13 Sep 2021 15:29:11 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258479 Bug ID: 258479 Summary: [PATCH] security/sudo: sudo 1.9.8 released Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: garga@FreeBSD.org Reporter: cy@FreeBSD.org Assignee: garga@FreeBSD.org Flags: maintainer-feedback?(garga@FreeBSD.org) Created attachment 227876 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=227876&action=edit Update sudo to 1.9.8 Sudo version 1.9.8 now available. In addition to bug fixes, sudo 1.9.8 adds a new "intercept" mode that can be used to intercept the exec family of library functions in the command run by sudo and do a policy check on sub-commands before they are executed. Intercept mode uses LD_PRELOAD to communicate with the main sudo process to perform the sudoers check. As such, there are some limitations. See the sudoers man page for details. Sudo 1.9.8 also includes a new sudoers setting, log_subcmds, which works like intercept mode but only logs the command that was run and does not validate it against the sudoers file. Source: https://www.sudo.ws/dist/sudo-1.9.8.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.8.tar.gz SHA256 checksum: f1735de999804ea1af068fba6a82cb6674ea64c789813b29266fd3b16cb294e6 MD5 checksum: 0a38acd342112b86e8163a26818bdbbd Binary packages: https://www.sudo.ws/download.html#binary https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_8 For a list of download mirror sites, see: https://www.sudo.ws/download_mirrors.html Sudo web site: https://www.sudo.ws/ Sudo web site mirrors: https://www.sudo.ws/mirrors.html Major changes between sudo 1.9.8 and 1.9.7p2: * It is now possible to transparently intercepting sub-commands executed by the original command run via sudo. Intercept support is implemented using LD_PRELOAD (or the equivalent supported by the system) and so has some limitations. The two main limitations are that only dynamic executables are supported and only the execl, execle, execlp, execv, execve, execvp, and execvpe library functions are currently intercepted. Its main use case is to support restricting privileged shells run via sudo. To support this, there is a new "intercept" Defaults setting and an INTERCEPT command tag that can be used in sudoers. For example: Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh Defaults!SHELLS intercept would cause sudo to run the listed shells in intercept mode. This can also be set on a per-rule basis. For example: Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh chuck ALL = INTERCEPT: SHELLS would only apply intercept mode to user "chuck" when running one of the listed shells. In intercept mode, sudo will not prompt for a password before running a sub-command and will not allow a set-user-ID or set-group-ID program to be run by default. The new intercept_authenticate and intercept_allow_setid sudoers settings can be used to change this behavior. * The new "log_subcmds" sudoers setting can be used to log additional commands run in a privileged shell. It uses the same mechanism as the intercept support described above and has the same limitations. * Support for logging sudo_logsrvd errors via syslog or to a file. Previously, most sudo_logsrvd errors were only visible in the debug log. * Better diagnostics when there is a TLS certificate validation error. * Using the "+=" or "-=" operators in a Defaults setting that takes a string, not a list, now produces a warning from sudo and a syntax error from inside visudo. * Fixed a bug where the "iolog_mode" setting in sudoers and sudo_logsrvd had no effect when creating I/O log parent directories if the I/O log file name ended with the string "XXXXXX". * Fixed a bug in the sudoers custom prompt code where the size parameter that was passed to the strlcpy() function was incorrect. No overflow was possible since the correct amount of memory was already pre-allocated. * The mksigname and mksiglist helper programs are now built with the host compiler, not the target compiler, when cross-compiling. Bug #989. * Fixed compilation error when the --enable-static-sudoers configure option was specified. This was due to a typo introduced in sudo 1.9.7. GitHub PR #113. 2. (text/plain) ____________________________________________________________ sudo-announce mailing list <sudo-announce@sudo.ws> For list information, options, or to unsubscribe, visit: https://www.sudo.ws/mailman/listinfo/sudo-announce -- You are receiving this mail because: You are the assignee for the bug.