diff options
-rw-r--r-- | RUNSON | 49 | ||||
-rw-r--r-- | TODO | 66 |
2 files changed, 68 insertions, 47 deletions
@@ -1,15 +1,18 @@ -Systems that Sudo is known to run on. -Just because a specific version of your OS is not listed with -the current version of sudo does not mean it won't work... +Systems that Sudo has been reported to run on. + +Just because a specific version of your OS is not listed with the +current version of Sudo does not mean it won't work. If an older +version of Sudo ran on your OS, chances are that the latest version +does as well. Op. System CPU Compilers Sudo Reported Special Name Rev Arch Used Version By Options ======= ======= ======= =============== ======= =============== =============== Auspex 1.6.1 sun4 bundled cc 1.3.4 Alek Komarnitsky none -SunOS 4.1.3 sun4 bundled cc 1.6.6 Todd Miller none -SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.6 Todd Miller none +SunOS 4.1.3 sun4 bundled cc 1.6.7 Todd Miller none +SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.7 Todd Miller none SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4 -SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.6 Todd Miller --with-skey +SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.7 Todd Miller --with-skey Solaris 2.5.1 sparc SC4.0 1.5.6p1 Brian Jackson none Solaris 2.5.1 sun4u gcc2.7.2.3 1.5.4 Leon von Stauber none Solaris 2.5.1 i386 gcc2.7.2 1.5.4 Leon von Stauber none @@ -24,11 +27,12 @@ Solaris 7 i386 Workshop 5.0 1.6 Brian Jackson none Solaris 7 sun4u egcs 1.1.2 1.5.9p4 Scott Kinnane none Solaris 7 sparc SC4.2 1.6.6 Todd Miller none Solaris 7 sun4u Workshop 6.2 1.6.3p7 Donna Dickerson none -Solaris 7 sparc 2.95.2 1.6.6 Todd Miller --with-skey +Solaris 7 sparc gcc2.95.2 1.6.6 Todd Miller --with-skey Solaris 2.6 sun4u egcs 1.1.2 1.5.9p4 Scott Kinnane none -Solaris 8 sparc 2.95.2 1.6.6 Todd Miller --with-skey -Solaris 8 sparc SC4.2 1.6.6 Todd Miller none +Solaris 8 sparc gcc2.95.2 1.6.7 Todd Miller --with-skey +Solaris 8 sparc SC4.2 1.6.7 Todd Miller none Solaris 8 sun4u Workshop 6.2 1.6.3p7 Donna Dickerson none +Solaris 8 sun4u gcc2.95.3 1.6.6 Banu Yobas none ISC 4.0 i386 bundled cc 1.4 Andy Smith none ISC 4.0 i386 gcc2.7.0 1.4 Andy Smith none ISC 4.1 i386 bundled cc 1.4 Andy Smith none @@ -40,13 +44,15 @@ HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller none HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4 HP-UX 9.07 hp700 unbundled cc 1.5 Alek Komarnitsky --with-C2 HP-UX 9.05 hp700 unbundled cc 1.4 Todd Miller none -HP-UX 10.10 hp700 unbundled cc 1.6.6 Todd Miller --with-skey -HP-UX 10.20 hp700 gcc2.9.5.2 1.6.6 Todd Miller --with-skey -HP-UX 10.20 hp700 bundled cc 1.6.6 Todd Miller none +HP-UX 10.10 hp700 unbundled cc 1.6.7 Todd Miller --with-skey +HP-UX 10.20 hp700 gcc2.9.5.2 1.6.7 Todd Miller --with-skey +HP-UX 10.20 hp700 bundled cc 1.6.7 Todd Miller none HP-UX 10.20 hp700 gcc 2.95.2 1.6.2 Jeff Earickson --with-DCE HP-UX 11.00 hp700 ansi-c 1.5.5b1 Alek Komarnitsky --with-C2 -HP-UX 11.00 hp700 bundled cc 1.5.5p5 Lynn Osburn none -HP-UX 11.00 hp700 HP C compiler 1.6.2 Jeff Earickson --with-pam +HP-UX 11.00 hp700 bundled cc 1.6.7 Todd Miller none +HP-UX 11.00 hp700 bundled cc 1.6.7 Todd Miller --with-pam +HP-UX 11.00 hp700 gcc 3.2 1.6.7 Todd Miller none +HP-UX 11.00 hp700 gcc 3.2 1.6.7 Todd Miller --with-pam HP-UX 11.11 hp800 HP C compiler 1.6.5p2 Bill Marmagas --with-pam Ultrix 4.3 mips bundled cc 1.6.3b2 Todd Miller none Ultrix 4.3 mips gcc2.7.2.1 1.5.9 Todd Miller --with-skey @@ -77,11 +83,11 @@ NEXTSTEP 3.2 i386 bundled cc 1.3.2 Jonathan Adams none NEXTSTEP 3.3 i386 bundled cc 1.4 Jonathan Adams none NEXTSTEP 3.3 sparc bundled cc 1.5.3 Mike Kienenberger none DEC UNIX 3.2c alpha bundled cc 1.5.3 Todd Miller none -DEC UNIX 4.0D alpha bundled cc 1.6.6 Todd Miller --with-skey +DEC UNIX 4.0D alpha bundled cc 1.6.7 Todd Miller --with-skey DEC UNIX 4.0 alpha gcc-2.7.2.1 1.5.3 Todd Miller --with-kerb4 DEC UNIX 4.0D alpha bundled cc 1.5.3 Randall R. Cable --with-C2 DEC UNIX 4.0E alpha bundled cc 1.5.9p2 Vangelis Haniotakis none -Tru64 5.1 alpha bundled cc 1.6.6 Todd Miller none +Tru64 5.1 alpha bundled cc 1.6.7 Todd Miller none AIX 3.2.X rs6000 bundled cc 1.4 Todd Miller none AIX 4.1.3 PowerPC gcc-2.7.0 1.4 Bob Shair none AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p2 Todd Miller none @@ -93,11 +99,13 @@ AIX 4.2.1 rs6000 bundled cc 1.5.7p4 Sam Mabjish none AIX 4.2.1 rs6000 egcs 1.1.2 1.5.9p4 Scott Kinnane none AIX 4.3 rs6000 bundled cc 1.5.4 Leon von Stauber none AIX 4.3.2 rs6000 egcs 1.1.2 1.5.9p4 Scott Kinnane none +AIX 5.0.1.0 rs6000 bundled cc 1.6.6 David Littlewood none +AIX 5.1 PowerPC gcc-3.2.1 1.6.6 Neil MacGregor none ConvexOS 9.1 convex bundled cc 1.3.6 Todd Miller none ConvexOS 9.1 convex gcc2.4.5 1.3.6 Todd Miller none BSD/OS 4.1 i386 cc 1.6.3 Todd Miller --with-skey -OpenBSD 2.X all gcc-2.95.2 1.6.6 Todd Miller none -OpenBSD 3.0 all gcc-2.95.3 1.6.6 Todd Miller none +OpenBSD 3.X all gcc-2.95.3 1.6.7 Todd Miller none +OpenBSD 3.X all gcc-2.95.3 1.6.7 Todd Miller --with-bsdauth FreeBSD 1.1 i386 gcc 1.3.2 Dworkin Muller none FreeBSD 2.0.5 i386 gcc 1.3.4 Dworkin Muller none FreeBSD 3.2 i386 gcc 2.7.2.1 1.6 Brian Jackson none @@ -108,12 +116,13 @@ Linux 2.0.34 i586 egcs-2.91.57 1.5.6p2 Darrin Chandler none Linux 2.0.36 i586 gcc-2.7.2.3 1.5.7p4 Nathan Haney none Linux 2.0.33pl1 m68k gcc 2.7.2.3 1.5.6 James Troup none Linux 2.2.12 i586 gcc-2.95.2 1.6.3 Todd Miller --with-pam -Linux 2.4.9 i686 gcc-2.96 1.6.6 Todd Miller --with-pam +Linux 2.4.18 i686 gcc-3.2 1.6.7 Todd Miller --with-pam Linux 2.2.13 alpha egcs-2.91.66 1.6.3 Todd Miller --with-pam Linux 2.2.6-15 ppc egcs-1.1.2 1.5.9p4 Barbara Schelkle none Linux 2.0.34 mips gcc-2.7.2 1.6 Tristan Roddis none UnixWare 1.1.4 i386 gcc-2.7.2 1.4 Michael Hancock none UnixWare 7.1.1 i686 cc 1.6.5p1 Mike Petkau none +UnixWare 7.1.3 i686 cc 1.6.6 Larry Rosenman none Pyramid DC/OSx 1.1 bundled cc 1.4 Les Schuettpelz none ATT SVR4.x i486 Metaware CC 1.4 Chris Ellington none SINIX 5.42 R4000 bundled cc 1.4 Paul Tuininga none @@ -144,7 +153,7 @@ Dynix/ptx 4.4.6 Sequent bundled cc 1.6 Larry Mascarenhase none Dynix/ptx 4.4.7 Sequent bundled cc 1.6.2p1 Dana Kaempen --with-CC=cc DC-OSx 1.1-9x mips PyrC 4.0A20 1.5.6p2 Brian Jackson none HI-UX/MPP 02-03 sr2201 bundled cc 1.5.4 Ben Edgington none -SVR4 4.4 m88k bundled gcc 1.6rc1 Gerry Belanger CFLAGS= +SVR4 4.4 m88k bundled gcc 1.6.7 Gerry Belanger none NonStop-UX B32 CO-1475 cc 1.5.9p3 Andrei Panfilenko none MacOS X ppc bundled cc 1.6.3p7 Gary Danko none @@ -41,74 +41,86 @@ TODO list (most will be addressed in sudo 2.0) 15) Add test for how to read ether interfaces in configure script -16) Add configure check for $(CC) -R and use it in addition to -L - -17) An option to make "sudo -s" use the target user's shell might be nice +16) An option to make "sudo -s" use the target user's shell might be nice (and more like su). Overlaps with the upcoming -i option. -18) Add configure option to enable old behavior of visudo (O_EXCL)? +17) Add configure option to enable old behavior of visudo (O_EXCL)? --without-sudoers-lock? -19) Profile sudo again (is the yacc grammar optimal?) +18) Profile sudo again (is the yacc grammar optimal?) -20) Zero out encrypted passwords after use. Use an Exit function or +19) Zero out encrypted passwords after use. Use an Exit function or some such (have to hook in to emalloc() and friends). Hard (impossible?) to be thorough w/ atexit/on_exit. -21) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified +20) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified user. -22) Use strtol() and strtoul(), not atoi() - -23) In parse.yacc get rid of unneeded '{ ; }' +21) Use strtol() and strtoul(), not atoi() -24) Look into %e, %p, %k in parse.lex +23) Look into %e, %p, %k in parse.lex -25) Make syslog stuff work on vanilla ultrix +23) Make syslog stuff work on vanilla ultrix -26) Implement date_format and log_format options. +24) Implement date_format and log_format options. -27) Add support for: Default:user@host +25) Add support for: Default:user@host -28) Do login-style -sh hack for sudo -s? (new option or do it always?) +26) Do login-style -sh hack for sudo -s? (new option or do it always?) -29) Make visudo rcs-aware +27) Make visudo rcs-aware -30) Add support for parsing multiple sudoers files. Basically make +28) Add support for parsing multiple sudoers files. Basically make _PATH_SUDOERS be a colon-separated list of pathname like EDITOR. Requires _PATH_SUDOERS_TMP chages (perhaps "%s.tmp"). -31) Add -i (simulate initial login) option as per 946 +sudo +29) Add -i (simulate initial login) option as per 946 +sudo (requires two-pass parser). Also add "default_path" Defaults option to go with it. (See MINUS_I.patch) -32) Some people want to be able to specify a special password in sudoers +30) Some people want to be able to specify a special password in sudoers in addition or instead of the normal one. The best argument for this so far is to be able to use separate passwords for the target users that are not the passwd file ones. -33) Add support for trusted users. E.g. allow user to run a certain +31) Add support for trusted users. E.g. allow user to run a certain command regardless of what dir it is in if it is owned by the trusted user. -34) Add mechanism to choose logfile based on RunasUser +32) Add mechanism to choose logfile based on RunasUser -35) Split the parser into two stages. The first parse checks for +33) Split the parser into two stages. The first parse checks for syntax and sets the Defaults options and sets up the data structures to check a user. The second stage does the actual user check. -36) Add a flag similar to '-l' but that spits out sudo commands in +34) Add a flag similar to '-l' but that spits out sudo commands in a format suitable for cut & paste (requires parser overhaul first). -37) Someone wants a recursive version of the dir specifier. Ie: +35) Someone wants a recursive version of the dir specifier. Ie: SOME_MODIFIER:/usr/local/ to allow anything under /usr/local to be run. -38) An option to set the shell to the target user would make sense. +36) An option to set the shell to the target user would make sense. See other target user-related issues above. -39) Add an option (-D) to dump the defaults after the sudoers file +37) Add an option (-D) to dump the defaults after the sudoers file has been parsed. Should only be available to root and should allow a -u user modifier. -40) For sudo 1.7 wipe out the environment by default. +38) For sudo 1.7 wipe out the environment by default. + +39) Allow /etc/sudoers to be a symlink but require the parent dir to + be root-owned and not writable by anything else. Should really + traverse the tree to the root doing this. + +40) Improve interfaces.c STREAMS code (see ntpd's ntp_io.c for hints) + +41) Wildcard support for user and group names? (netgroup too?) + +42) If root_sudo is off, still allow sudo -u to non-root users? + +43) Add configure option to id user based on euid not ruid? + +44) Split $EDITOR/$VISUAL in visudo into an argument vector based on whitespace + +45) Use proper links in .pod files |