Annotation of src/usr.bin/sudo/TODO, Revision 1.1
1.1 ! millert 1: TODO list (most will be addressed in sudo 2.0)
! 2:
! 3: 01) Redo parsing to be more like op(8) with true command aliases where
! 4: you can specify uid, gid(s) and part/all of the environment.
! 5:
! 6: 02) Add default options to sudoers file (umask, def uid, def gids, dir, PATH).
! 7: Defaults = option1, option2, ...
! 8: Defaults@host = option1, option2, ...
! 9: Defaults!user = option1, option2, ...
! 10: Defaults%group = option1, option2, ...
! 11: Defaults+netgroup = option1, option2, ...
! 12:
! 13: 03) Add a SHELLS reserved word that checks against /etc/shells.
! 14:
! 15: 04) Make the sudoers file accessible via NIS, Hesiod, and maybe NetInfo.
! 16:
! 17: 05) Add a -h (?) flag to sudo for a history mechanism.
! 18:
! 19: 06) Add an option to hard-code LD_LIBRARY_PATH?
! 20:
! 21: 07) Add Prog_Alias facility (Prog_Alias VI = /usr/secure/bin/vi +args).
! 22:
! 23: 08) check for <net/errno.h> in configure and include it in sudo.c if it exists.
! 24:
! 25: 09) Add generic STREAMS support for getting interfaces and netmasks.
! 26:
! 27: 10) Add support for "safe scripts" by checking for shell script
! 28: cookie (first two bytes are "#!") and execing the shell ourselves
! 29: after doing the stat to guard against spoofing. This should avoid
! 30: the race condition caused by going through namei() twice...
! 31:
! 32: 11) Overhaul testsudoers to use things from parse.o so we don't reimplement
! 33: things.
! 34:
! 35: 12) Make runas_user a struct "runas" with user and group components.
! 36: (maybe uid and gid too???)
! 37:
! 38: 13) Add -g group/gid option.
! 39:
! 40: 14) Should be able to mix Cmnd_Alias's and command args. Ie:
! 41: pete ALL=PASSWD [A-z]*,!PASSWD root
! 42: where PASSWD was defined to be /usr/bin/passwd.
! 43: This requires the arg parsing to happen in the yacc grammar.
! 44: At the very least, commands and args have to become separate
! 45: tokens in the lexer.
! 46:
! 47: 15) Add a per-tty restriction? Ie: only can run foo from /dev/console.
! 48:
! 49: 16) Add test for how to read ether interfaces in configure script
! 50:
! 51: 17) Add configure check for $(CC) -R and use it in addition to -L
! 52:
! 53: 18) An option to make "sudo -s" use the target user's shell might be nice
! 54: (and more like su).
! 55:
! 56: 19) Use getrlimit() in preference to getconf()/getdtablesize().
! 57:
! 58: 20) Add configure option to enable old behavior of visudo (O_EXCL)?
! 59: --without-sudoers-lock?
! 60:
! 61: 21) Profile sudo again (is the yacc grammar optimal?)
! 62:
! 63: 22) Zero out encrypted passwords after use. Use an Exit function or
! 64: some such (have to hook in to emalloc() and friends).
! 65: Hard (impossible?) to be thorough w/ atexit/on_exit.
! 66:
! 67: 23) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified
! 68: user.
! 69:
! 70: 24) Use strtol() and strtoul(), not atoi()
! 71:
! 72: 25) In parse.yacc get rid of unneeded '{ ; }'
! 73:
! 74: 26) Look into %e, %p, %k in parse.lex
! 75:
! 76: 27) Document Defaults stuff in sudoers.pod
! 77:
! 78: 28) Make syslog stuff work on vanilla ultrix
! 79:
! 80: 29) Implement date_format and log_format options.
! 81:
! 82: 30) Add support for: Default:user@host
! 83:
! 84: 31) Add -S flag to force password read from stdin
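
Item 10 ("safe scripts") as an added sketch, not code from sudo: the script is opened once, the descriptor is compared with the stat() taken during the policy check, and the "#!" cookie is read from that same descriptor, so the path is never resolved a second time. The names open_checked_script and demo are hypothetical, and passing the descriptor to the shell as /dev/fd/N is an assumption about the platform.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Hypothetical helper: open the script once, check the descriptor is the file
 * the policy lookup stat()ed, return it with the "#!" interpreter, or -1. */
int open_checked_script(const char *path, const struct stat *seen,
                        char *interp, size_t len)
{
    struct stat now;
    char line[256], *p;
    ssize_t n;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd == -1)
        return -1;
    if (fstat(fd, &now) == -1 || !S_ISREG(now.st_mode) ||
        now.st_dev != seen->st_dev || now.st_ino != seen->st_ino)
        goto bad;                       /* replaced since the stat() */
    n = pread(fd, line, sizeof(line) - 1, 0);
    if (n < 3 || line[0] != '#' || line[1] != '!')
        goto bad;                       /* no shell script cookie */
    line[n] = '\0';
    p = line + 2 + strspn(line + 2, " \t");
    p[strcspn(p, " \t\n")] = '\0';      /* interpreter path only */
    if (*p != '/' || strlen(p) >= len)
        goto bad;
    strcpy(interp, p);
    return fd;                          /* hand to the shell as /dev/fd/N */
bad:
    close(fd);
    return -1;
}

/* Constructed demo: 0 if an untouched script passes and a swapped one fails. */
int demo(void)
{
    char a[] = "/tmp/safeXXXXXX", b[] = "/tmp/safeXXXXXX", interp[64];
    struct stat seen;
    int fa = mkstemp(a), fb = mkstemp(b), fd, ok;
    if (fa < 0 || fb < 0 || write(fa, "#!/bin/sh\n", 10) != 10 || stat(a, &seen))
        return -1;
    fd = open_checked_script(a, &seen, interp, sizeof(interp));
    ok = fd != -1 && strcmp(interp, "/bin/sh") == 0 && rename(b, a) == 0 &&
         open_checked_script(a, &seen, interp, sizeof(interp)) == -1;
    close(fd); close(fa); close(fb); unlink(a); unlink(b);
    return ok ? 0 : -1;
}
```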