[Bug 248434] security/acme: Backport fix for running under sudo
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Aug 2 16:46:47 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248434
--- Comment #4 from John W. O'Brien <john at saltant.com> ---
(In reply to Dan Langille from comment #3)
That sounds about right. At a high level, it recognizes any command ending with
"/bin/su" and any command found in /etc/shells as a sane sudo environment, and
anything else as sufficiently problematic to warrant scolding the user and
requiring --force.
Without this patch, only /bin/su (exact) and /bin/bash (exact) are considered
sane, which means doing something obvious like
sudo -i -u acme
acme.sh # ...
triggers the scolding on FreeBSD.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list