1 --- /home/bdale/Desktop/sudo-1.7.2p1/sudoers.pod 2009-06-30 06:41:09.000000000 -0600
2 +++ sudo/sudoers.pod 2009-11-20 07:31:58.000000000 -0700
5 Cmnd_Alias ::= NAME '=' Cmnd_List
7 - NAME ::= [A-Z]([A-Z][0-9]_)*
8 + NAME ::= [A-Z]([a-z][A-Z][0-9]_)*
10 Each I<alias> definition is of the form
16 -=item always_set_home
19 If set, B<sudo> will set the C<HOME> environment variable to the home
20 directory of the target user (which is root unless the B<-u> option is used).
25 +Not effective due to security issues: only variables listed in
26 +I<env_keep> or I<env_check> can be passed through B<sudo>!
28 Environment variables to be removed from the user's environment
29 when the I<env_reset> option is not in effect. The argument may
30 be a double-quoted, space-separated list or a single value without
35 -Environment variables to be preserved in the user's environment
36 -when the I<env_reset> option is in effect. This allows fine-grained
37 +Environment variables to be preserved in the user's environment.
38 +This allows fine-grained
39 control over the environment B<sudo>-spawned processes will receive.
40 The argument may be a double-quoted, space-separated list or a
41 single value without double-quotes. The list can be replaced, added
42 @@ -1282,6 +1285,15 @@
43 Below are example I<sudoers> entries. Admittedly, some of
44 these are a bit contrived. First, we define our I<aliases>:
46 +Below are example I<sudoers> entries. Admittedly, some of
47 +these are a bit contrived. First, we allow a few environment
48 +variables to pass and then define our I<aliases>:
50 + # Run X applications through sudo; HOME is used to find .Xauthority file
51 + # Note that some programs may use HOME for other purposes too and
52 + # this may lead to privilege escalation!
53 + Defaults env_keep = "DISPLAY HOME"
55 # User alias specification
56 User_Alias FULLTIMERS = millert, mikef, dowdy
57 User_Alias PARTTIMERS = bostley, jwfox, crawl
projects / debian / sudo / blob