| version 1.6, 2003/03/15 21:23:53 |
version 1.7, 2003/04/01 15:47:51 |
|
|
| |
|
| 15) Add test for how to read ether interfaces in configure script |
15) Add test for how to read ether interfaces in configure script |
| |
|
| 16) Add configure check for $(CC) -R and use it in addition to -L |
16) An option to make "sudo -s" use the target user's shell might be nice |
| |
|
| 17) An option to make "sudo -s" use the target user's shell might be nice |
|
| (and more like su). Overlaps with the upcoming -i option. |
(and more like su). Overlaps with the upcoming -i option. |
| |
|
| 18) Add configure option to enable old behavior of visudo (O_EXCL)? |
17) Add configure option to enable old behavior of visudo (O_EXCL)? |
| --without-sudoers-lock? |
--without-sudoers-lock? |
| |
|
| 19) Profile sudo again (is the yacc grammar optimal?) |
18) Profile sudo again (is the yacc grammar optimal?) |
| |
|
| 20) Zero out encrypted passwords after use. Use an Exit function or |
19) Zero out encrypted passwords after use. Use an Exit function or |
| some such (have to hook in to emalloc() and friends). |
some such (have to hook in to emalloc() and friends). |
| Hard (impossible?) to be thorough w/ atexit/on_exit. |
Hard (impossible?) to be thorough w/ atexit/on_exit. |
| |
|
| 21) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified |
20) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified |
| user. |
user. |
| |
|
| 22) Use strtol() and strtoul(), not atoi() |
21) Use strtol() and strtoul(), not atoi() |
| |
|
| 24) Look into %e, %p, %k in parse.lex |
23) Look into %e, %p, %k in parse.lex |
| |
|
| 24) Make syslog stuff work on vanilla ultrix |
23) Make syslog stuff work on vanilla ultrix |
| |
|
| 25) Implement date_format and log_format options. |
24) Implement date_format and log_format options. |
| |
|
| 26) Add support for: Default:user@host |
25) Add support for: Default:user@host |
| |
|
| 27) Do login-style -sh hack for sudo -s? (new option or do it always?) |
26) Do login-style -sh hack for sudo -s? (new option or do it always?) |
| |
|
| 28) Make visudo rcs-aware |
27) Make visudo rcs-aware |
| |
|
| 29) Add support for parsing multiple sudoers files. Basically make |
28) Add support for parsing multiple sudoers files. Basically make |
| _PATH_SUDOERS be a colon-separated list of pathname like EDITOR. |
_PATH_SUDOERS be a colon-separated list of pathname like EDITOR. |
| Requires _PATH_SUDOERS_TMP chages (perhaps "%s.tmp"). |
Requires _PATH_SUDOERS_TMP chages (perhaps "%s.tmp"). |
| |
|
| 30) Add -i (simulate initial login) option as per 946 +sudo |
29) Add -i (simulate initial login) option as per 946 +sudo |
| (requires two-pass parser). Also add "default_path" Defaults option |
(requires two-pass parser). Also add "default_path" Defaults option |
| to go with it. (See MINUS_I.patch) |
to go with it. (See MINUS_I.patch) |
| |
|
| 31) Some people want to be able to specify a special password in sudoers |
30) Some people want to be able to specify a special password in sudoers |
| in addition or instead of the normal one. The best argument for |
in addition or instead of the normal one. The best argument for |
| this so far is to be able to use separate passwords for the |
this so far is to be able to use separate passwords for the |
| target users that are not the passwd file ones. |
target users that are not the passwd file ones. |
| |
|
| 32) Add support for trusted users. E.g. allow user to run a certain |
31) Add support for trusted users. E.g. allow user to run a certain |
| command regardless of what dir it is in if it is owned by the |
command regardless of what dir it is in if it is owned by the |
| trusted user. |
trusted user. |
| |
|
| 33) Add mechanism to choose logfile based on RunasUser |
32) Add mechanism to choose logfile based on RunasUser |
| |
|
| 34) Split the parser into two stages. The first parse checks for |
33) Split the parser into two stages. The first parse checks for |
| syntax and sets the Defaults options and sets up the |
syntax and sets the Defaults options and sets up the |
| data structures to check a user. The second stage does |
data structures to check a user. The second stage does |
| the actual user check. |
the actual user check. |
| |
|
| 35) Add a flag similar to '-l' but that spits out sudo commands in |
34) Add a flag similar to '-l' but that spits out sudo commands in |
| a format suitable for cut & paste (requires parser overhaul first). |
a format suitable for cut & paste (requires parser overhaul first). |
| |
|
| 36) Someone wants a recursive version of the dir specifier. Ie: |
35) Someone wants a recursive version of the dir specifier. Ie: |
| SOME_MODIFIER:/usr/local/ to allow anything under /usr/local to be run. |
SOME_MODIFIER:/usr/local/ to allow anything under /usr/local to be run. |
| |
|
| 37) An option to set the shell to the target user would make sense. |
36) An option to set the shell to the target user would make sense. |
| See other target user-related issues above. |
See other target user-related issues above. |
| |
|
| 38) Add an option (-D) to dump the defaults after the sudoers file |
37) Add an option (-D) to dump the defaults after the sudoers file |
| has been parsed. Should only be available to root and should |
has been parsed. Should only be available to root and should |
| allow a -u user modifier. |
allow a -u user modifier. |
| |
|
| 39) For sudo 1.7 wipe out the environment by default. |
38) For sudo 1.7 wipe out the environment by default. |
| |
|
| 40) Allow /etc/sudoers to be a symlink but require the parent dir to |
39) Allow /etc/sudoers to be a symlink but require the parent dir to |
| be root-owned and not writable by anything else. Should really |
be root-owned and not writable by anything else. Should really |
| traverse the tree to the root doing this. |
traverse the tree to the root doing this. |
| |
|
| 41) Improve interfaces.c STREAMS code (see ntpd's ntp_io.c for hints) |
40) Improve interfaces.c STREAMS code (see ntpd's ntp_io.c for hints) |
| |
|
| 42) Wildcard support for user and group names? (netgroup too?) |
41) Wildcard support for user and group names? (netgroup too?) |
| |
|
| 43) If root_sudo is off, still allow sudo -u to non-root users? |
42) If root_sudo is off, still allow sudo -u to non-root users? |
| |
|
| 44) Add configure option to id user based on euid not ruid? |
43) Add configure option to id user based on euid not ruid? |
| |
|
| 45) Split $EDITOR/$VISUAL in visudo into an argument vector based on whitespace |
44) Split $EDITOR/$VISUAL in visudo into an argument vector based on whitespace |
| |
|
| 46) Make Kerberos paths and libs situation as sane as possible |
45) Use proper links in .pod files |
![[BACK]](/icons/back.gif){kind=icon}
Return to TODO CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / sudo