Merge commit 'upstream/1.7.0'

[debian/sudo] / visudo.man.in

diff --git a/visudo.man.in b/visudo.man.in
index 7aa576b4ceaae7bdf2ac6dfe8e3f91302dbf2439..eca8d900f465308fb9c0c714b1a92e6043794263 100644 (file)
--- a/visudo.man.in
+++ b/visudo.man.in
@@ -173,15 +173,19 @@ edited you will receive a message to try again later.
 .PP
 There is a hard-coded list of editors that \fBvisudo\fR will use set
 at compile-time that may be overridden via the \fIeditor\fR \fIsudoers\fR
-\&\f(CW\*(C`Default\*(C'\fR variable.  This list defaults to the path to \fIvi\fR\|(1) on
-your system, as determined by the \fIconfigure\fR script.  Normally,
-\&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR environment
+\&\f(CW\*(C`Default\*(C'\fR variable.  
+On Debian systems, this list defaults to /usr/bin/editor, which is meant to
+be a system-wide default editor chosen through the alternatives system.
+Normally, \&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or 
+\f(CW\*(C`EDITOR\*(C'\fR environment
 variables unless they contain an editor in the aforementioned editors
 list.  However, if \fBvisudo\fR is configured with the \fI\-\-with\-enveditor\fR
 option or the \fIenv_editor\fR \f(CW\*(C`Default\*(C'\fR variable is set in \fIsudoers\fR,
 \&\fBvisudo\fR will use any the editor defines by \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
 Note that this can be a security hole since it allows the user to
 execute any program they wish simply by setting \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
+Despite this potential risk, sudo on Debian is compiled with the
+\fI\-\-with\-enveditor\fR flag.
 .PP
 \&\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will
 not save the changes if there is a syntax error.  Upon finding