Marc R. Schoolderman
Marc R. Schoolderman
We should be careful to not call ioctl's on "stdin/stdout/stderr" while we are setuid. This is not a problem in sudo-rs per se but it makes it an accomplice. See...
Do something with the `use_pty` flag (this runs the spawned process in a seperate pty)
- [ ] man pages - [ ] README which contains command flags, etc - [ ] security policy documentation - [ ] deviations/limitations compared to original sudo
In original sudo, a `user machine = (ALL) command` sudoers line forbids the use of `-g`, even in cases when the group that you would add with `-g` is actually...
- [x] find out what characters normally need escaping and which don't if they are in quotes - [ ] implement this in the parser
``` Host ::= '!'* host name | '!'* ip_addr | '!'* network(/netmask)? | '!'* +netgroup | '!'* Host_Alias ``` Leaving netgroups aside for a moment, should we support `ip_addr`, and...
With original sudo: `sudo vi`, press ^Z -> you drop to the shell. With sudo-rs: the process does get suspended, but the process seems stuck. This is probably something with...
Right now the Defaults parser/checker only supports global settings, but the sudoers file supports setting them on a per-host, per-user, per-command basis. This will require some changes.
I.e. some settings we do want to support, but may want to error on if a user tries to change them (candidates would be to disallow changing `env_reset`, probably `use_pty`...