FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
sudo Allow others to run commands as root
1.8.18p1 security on this many watch lists=491 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: garga@FreeBSD.org search for ports maintained by this maintainer
Port Added: unknown
License: sudo
This is the CU version of sudo.

Sudo is a program designed to allow a sysadmin to give limited root
privileges to users and log root activity.  The basic philosophy is to
give as few privileges as possible but still allow people to get their
work done.

WWW: http://www.sudo.ws/
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/security/sudo/ && make install clean
To add the package: pkg install sudo

PKGNAME: sudo

distinfo:

TIMESTAMP = 1477613192
SHA256 (sudo-1.8.18p1.tar.gz) = e5a0471c721281a693025bbde33ebd9d3db43245d83ab8516bbfc23980379434
SIZE (sudo-1.8.18p1.tar.gz) = 2822109


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. msgfmt : devel/gettext-tools
Library dependencies:
  1. libintl.so : devel/gettext-runtime

This port is required by:

for Build for Run * - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...
Configuration Options
===> The following configuration options are available for sudo-1.8.18p1:
     AUDIT=on: Enable BSM audit support
     DISABLE_AUTH=off: Do not require authentication by default
     DISABLE_ROOT_SUDO=off: Do not allow root to run sudo
     DOCS=on: Build and/or install documentation
     INSULTS=off: Enable insults on failures
     LDAP=off: LDAP protocol support
     NLS=on: Native Language Support
     NOARGS_SHELL=off: Run a shell if no arguments are given
     OPIE=off: Enable one-time passwords (no PAM support)
     SSSD=off: Enable SSSD backend support.
===> Use 'make config' to modify these settings

USES:
cpe libtool gettext

Master Sites:
  1. ftp://core.ring.gr.jp/pub/misc/sudo/
  2. ftp://ftp.arcane-networks.fr/pub/mirrors/sudo/
  3. ftp://ftp.cin.nihon-u.ac.jp/pub/misc/sudo/
  4. ftp://ftp.cs.tu-berlin.de/pub/misc/sudo/
  5. ftp://ftp.in2p3.fr/pub/sudo/
  6. ftp://ftp.informatik.uni-hamburg.de/pub/os/unix/utils/sudo/
  7. ftp://ftp.ring.gr.jp/pub/misc/sudo/
  8. ftp://ftp.st.ryukoku.ac.jp/pub/security/tool/sudo/
  9. ftp://ftp.sudo.ws/pub/sudo/
  10. ftp://ftp.tuwien.ac.at/utils/admin-tools/sudo/
  11. ftp://ftp.twaren.net/Unix/Security/Sudo/
  12. ftp://ftp.usbm.de/pub/sudo/
  13. ftp://ftp.uwsg.indiana.edu/pub/security/sudo/
  14. ftp://mirror.cdmon.com/pub/sudo/
  15. ftp://obsd.isc.org/pub/sudo/
  16. ftp://plier.ucar.edu/pub/sudo/
  17. ftp://sunsite.icm.edu.pl/packages/sudo/
  18. ftp://sunsite.ualberta.ca/pub/Mirror/sudo/
  19. ftp://zoot.tele.dk/pub/sudo/
  20. http://core.ring.gr.jp/archives/misc/sudo/
  21. http://ftp.arcane-networks.fr/pub/mirrors/sudo/
  22. http://ftp.twaren.net/Unix/Security/Sudo/
  23. http://sudo-ftp.basemirror.de/
  24. http://sudo.cybermirror.org/
  25. http://sudo.p8ra.de/sudo/dist/
  26. http://www.ring.gr.jp/archives/misc/sudo/
  27. http://www.sudo.ws/sudo/dist/

Number of commits found: 172 (showing only 72 on this page)

«  1 | 2 

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
21 Aug 2008 06:18:49
Original commit files touched by this commit  1.6.9.17
 This port version is marked as vulnerable.
rafan search for other commits by this committer
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
(Only the first 15 lines of the commit message are shown above View all of this commit message)
06 Jul 2008 23:20:05
Original commit files touched by this commit  1.6.9.17
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Update to 1.6.9p17
* the -i flag implies resetting the environment as it did prior to
  1.6.9.  The -i and -E flags are now mutually-exclusive.
10 Apr 2008 14:00:22
Original commit files touched by this commit  1.6.9.15_1
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Fix pkg-plist, libtool archive is no longer installed.

Prompted by:    pavmail
09 Apr 2008 16:44:28
Original commit files touched by this commit  1.6.9.15
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Update to 1.6.9p15
* The HOME environment variable is once again preserved by default, as per
  the documentation.

- Finally remember to fix the $FreeBSD$ line in pam file.
09 Mar 2008 20:51:31
Original commit files touched by this commit  1.6.9.14
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Update to 1.6.9p14

* Check sudoers even if user is found in LDAP so Defaults can take
  effect.
* Fix crash when pam_lastlog is (incorrectly) usesd in session section
  of PAM file.
28 Jan 2008 06:29:03
Original commit files touched by this commit  1.6.9.12
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9p12

Changes:
- The ALL command in sudoers now implies SETENV permissions.
- The command search is now performed using the target user's auxiliary
  group vector too.
- Various LDAP code improvements.
- Added passprompt_override flag to sudoers to cause sudo's prompt to be
  used in all cases.  Also set when the -p flag is used.
- New %p prompt escape that expands to the user whose password is being
  prompted, as specified by the rootpw, targetpw and runaspw sudoers
  flags.
12 Nov 2007 01:21:20
Original commit files touched by this commit  1.6.9.6
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Make fetchable again.  Add my MASTER_SITE_LOCAL to the mix and replace
  a number of outdated sites.

Notified by:    Ferenc Gartner
Approved by:    portmgr (linimon, erwin)
23 Oct 2007 00:46:45
Original commit files touched by this commit  1.6.9.6
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9p6
- Sudo now only prints the password prompt if the process is in the
  foreground.
17 Sep 2007 14:55:13
Original commit files touched by this commit  1.6.9.5
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9p5:
- Fixed a bug in the IP address matching introduced by the IPV6 merge.
- Fixed sudoedit when used on a non-existent file.
- Groups and netgroups are now valid in an LDAP sudoRunas statement.
03 Sep 2007 17:13:29
Original commit files touched by this commit  1.6.9.4
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Install schema.OpenLDAP into DOCSDIR.

Prompted by:    flz
27 Aug 2007 19:40:48
Original commit files touched by this commit  1.6.9.4
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9p4
- IPv6 support added.
- Added notes to default sudoers for handling environmental variables
  related to our pkg_* tools and portupgrade.
13 Aug 2007 00:14:15
Original commit files touched by this commit  1.6.9.3_1
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Work around broken configure script and explicitly set location of
  sudo_noexec.so to unbreak NOEXEC option. [1]
- Build using --with-secure-path if SUDO_SECURE_PATH is set when
  building the port.  SUDO_SECURE_PATH should be set to a PATH string.
  [2]
- Don't bother deleting sudo_noexec.la.  Deleting the file after it's
  installed is ugly and since it's not harmful it's not worth patching
  the install.
- Set CONFIGURE_TARGET.

PR:             115442 [1], 115381 [2]
Submitted by:   vd [1], Janos Mohacsi [2]
03 Aug 2007 00:56:01
Original commit files touched by this commit  1.6.9.3_1
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Fix session stack in default pam file.
02 Aug 2007 17:25:19
Original commit files touched by this commit  1.6.9.3
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9p3
- Fixes bug related to supplemental group matching
30 Jul 2007 15:01:47
Original commit files touched by this commit  1.6.9.2
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9p2
- Environment handling fix.
27 Jul 2007 01:00:56
Original commit files touched by this commit  1.6.9.1
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Fix PORTVERSION

Noticed by:     ume
26 Jul 2007 15:53:40
Original commit files touched by this commit  1.6.9.p1
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Update to 1.6.9p1
  * Worked around a bug in some PAM implementations that caused a crash
    when no tty was present.
  * Fixed a crash on some platforms in the error logging function.
- Change default pam session stack to pam_permit like su does [1]
- Grab maintainership

Sugested by:    des [1]
23 Jul 2007 03:54:05
Original commit files touched by this commit  1.6.9_1
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
- Fix segfault when there is no TTY when executing. [1]
- Temporarilly disable session entry in default pam file because
  pam_lastlog causes users to appear as though they have logged out in
  system logs. [2]

Reported by:    yarodin@gmail.com [1], Paul Fraser <pfraser@gmail.com> [2]
Submitted by:   Todd Miller [1]
21 Jul 2007 03:15:13
Original commit files touched by this commit  1.6.9
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Update to 1.6.9

Application changes:
- PAM, since present, is used by default.
- Environment variable handling has changed significantly.
- Sudo checks the user's supplemental group vector so nsswitch order is
  no longer important for group based rules.
(See UPGRADE and CHANGING under share/doc/sudo/ for more.)

Port changes:
- PAM file is no longer clobered on reinstall.
- OPIE option has been removed due to PAM being used by default.
- Selected documentation is now installed.
02 May 2007 18:47:17
Original commit files touched by this commit  1.6.8.12_2
 This port version is marked as vulnerable.
sat search for other commits by this committer
- Add an option to enable insults

Submitted by:   Dan Casey <dcasey@debtresolve.com>
10 Apr 2007 12:47:09
Original commit files touched by this commit  1.6.8.12_2
 This port version is marked as vulnerable.
des search for other commits by this committer
Install a PAM policy, rather than just suggesting that the admin do so.
23 Mar 2007 09:47:31
Original commit files touched by this commit  1.6.8.12_1
 This port version is marked as vulnerable.
linimon search for other commits by this committer
Reset mharo due to maintainer-timeouts and no response to PRs.

Hat:            portmgr
28 Jul 2006 06:54:29
Original commit files touched by this commit  1.6.8.12_1
 This port version is marked as vulnerable.
mharo search for other commits by this committer
fix option text

Reported by: Nick Fishman <kwlogical@bellsouth.net>
28 Apr 2006 19:34:09
Original commit files touched by this commit  1.6.8.12_1
 This port version is marked as vulnerable.
sem search for other commits by this committer
- Add LDAP support (off by default)
- OPTIONS'fy
- Remove obsoleted USE_REINPLACE

PR:             ports/95598
Submitted by:   Dmitriy Kirhlarov <dkirhlarov@localhost.oilspace.com>
Approved by:    maintainer timeout (2 weeks)
24 Jan 2006 01:03:33
Original commit files touched by this commit  1.6.8.12_1
 This port version is marked as vulnerable.
edwin search for other commits by this committer
SHA256ify

Approved by: krion@
17 Dec 2005 22:12:42
Original commit files touched by this commit  1.6.8.12_1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Remove etc/sudoers on deinstall if user haven't modified it

PR:             ports/69288 (based on)
Approved by:    maintainer timeout (mharo; year and a half)
14 Nov 2005 04:20:02
Original commit files touched by this commit  1.6.8.12
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Upgrade to 1.6.8.12

PR:             88865
Submitted by:   Phil Oleson <oz@nixil.net>
21 Jun 2005 12:52:01
Original commit files touched by this commit  1.6.8.9
 This port version is marked as vulnerable.
osa search for other commits by this committer
Security update to latest release: 1.6.8p9.

<Security Alert>
Summary:
A race condition in Sudo's command pathname handling prior
to Sudo version 1.6.8p9 that could allow a user with Sudo
privileges to run arbitrary commands.
Sudo versions affected:
Sudo versions 1.3.1 up to and including 1.6.8p8.
</Security Alert>

More information about this incident available at:
http://www.sudo.ws/sudo/alerts/path_race.html
15 Apr 2005 15:06:09
Original commit files touched by this commit  1.6.8.8
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Upgrade to 1.6.8p8
07 Feb 2005 18:46:42
Original commit files touched by this commit  1.6.8.7
 This port version is marked as vulnerable.
mharo search for other commits by this committer
update to 1.6.8p7
08 Jan 2005 19:56:10
Original commit files touched by this commit  1.6.8.6
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Upgrade to 1.6.8p6
30 Nov 2004 01:22:23
Original commit files touched by this commit  1.6.8.5
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Update to 1.6.8p5
18 Nov 2004 02:17:47
Original commit files touched by this commit  1.6.8.4
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Update to latest release of sudo
17 Nov 2004 11:50:07
Original commit files touched by this commit  1.6.8.3
 This port version is marked as vulnerable.
roam search for other commits by this committer
Update to sudo-1.6.3p8, which *really* includes the CDPATH fix, and
another one that does not directly affect FreeBSD (our _PATH_VARTMP
was fine before, too).

Approved by:    mharo (maintainer)
16 Nov 2004 08:38:38
Original commit files touched by this commit  1.6.8.2_1
 This port version is marked as vulnerable.
mharo search for other commits by this committer
strip out CDPATH

Submitted by:   Peter Pentchev <roam@ringlet.net>
12 Nov 2004 21:19:00
Original commit files touched by this commit  1.6.8.2
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Update to 1.6.8p2

 o Bash exported functions and the CDPATH variable are now stripped from
   the environment passed to the program to be executed.
19 Sep 2004 05:31:33
Original commit files touched by this commit  1.6.8.1
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Update to 1.6.8p1

Submitted by:   many people
Approved by:    portsmgr (marcus)
20 Aug 2004 06:49:35
Original commit files touched by this commit  1.6.8
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Update to 1.6.8
20 Jul 2004 08:30:14
Original commit files touched by this commit  1.6.7.5_2
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Undo yesterdays change after sysutils/porttools suddenly failed.

Kris (bento (noh! pointyhat)) reported it

PR:             ports/58387
19 Jul 2004 08:15:33
Original commit files touched by this commit  1.6.7.5_1
 This port version is marked as vulnerable.
edwin search for other commits by this committer
[PATCH] security/sudo: Utilize EXAMPLESDIR

        Utilize EXAMPLESDIR to improves layout; i.e.,

          configuration file        -> ${PREFIX}/etc
          sample configuration file -> ${PREFIX}/share/examples/${PORTNAME}

        This change helps if many configuration files and sample ones exist.

PR:             ports/58387
Submitted by:   Hideyuki KURASHINA <rushani@FreeBSD.org>
30 Jan 2004 03:31:51
Original commit files touched by this commit  1.6.7.5
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Add SIZE
17 Dec 2003 03:43:37
Original commit files touched by this commit  1.6.7.5
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Add more MASTER_SITES and remove dead one
16 Dec 2003 23:30:41
Original commit files touched by this commit  1.6.7.5
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Add another MASTER_SITE

Submitted by:   "Michael Sharp" <ms@probsd.org>
17 Jul 2003 04:49:47
Original commit files touched by this commit  1.6.7.5
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Add WITH_SHELL_SETS_HOME knob to security/sudo

PR:             47087
Submitted by:       Stefan Farfeleder <stefan@fafoe.dyndns.org>
17 Jul 2003 04:47:51
Original commit files touched by this commit  1.6.7.5
 This port version is marked as vulnerable.
mharo search for other commits by this committer
upgrade from 1.6.7.4 to 1.6.7.5

PR:             52237
Submitted by:   Sergey A. Osokin <osa@FreeBSD.org.ru>
19 Apr 2003 20:21:29
Original commit files touched by this commit  1.6.7.4
 This port version is marked as vulnerable.
mharo search for other commits by this committer
update from 1.6.6 to 1.6.7p4

PR:             51084
Submitted by:   Sergey A. Osokin  <osa@freebsd.org.ru>
07 Mar 2003 06:10:51
Original commit files touched by this commit  1.6.6_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Clear moonlight beckons.
Requiem mors pacem pkg-comment,
And be calm ports tree.

E Nomini Patri, E Fili, E Spiritu Sancti.
13 Feb 2003 08:26:38
Original commit files touched by this commit  1.6.6_1
 This port version is marked as vulnerable.
roam search for other commits by this committer
Add a patch from the Sudo CVS repository for proper handling of
the PAM transition from echoed to non-echoed input.

PR:             46026
Approved by:    mharo (maintainer)
14 Sep 2002 19:27:18
Original commit files touched by this commit  1.6.6
 This port version is marked as vulnerable.
mharo search for other commits by this committer
don't depend on perl

Submitted by:   David Yeske <dyeske@yahoo.com>
24 Aug 2002 02:20:55
Original commit files touched by this commit  1.6.6
 This port version is marked as vulnerable.
mharo search for other commits by this committer
remove insults and allow root to use sudo
25 Apr 2002 17:20:23
Original commit files touched by this commit  1.6.6
 This port version is marked as vulnerable.
mharo search for other commits by this committer
update to 1.6.6
22 Apr 2002 23:45:48
Original commit files touched by this commit  1.6.5.2
 This port version is marked as vulnerable.
mharo search for other commits by this committer
revert change from this morning
22 Apr 2002 15:30:41
Original commit files touched by this commit  1.6.5.2.1
 This port version is marked as vulnerable.
mharo search for other commits by this committer
Patch sudo 1.6.5.2 with GlobalInterSec's sudo patch.
24 Jan 2002 05:01:26
files touched by this commit
mharo search for other commits by this committer
update to 1.6.5p2    
17 Jan 2002 23:15:56
files touched by this commit
mharo search for other commits by this committer
update the distfile name    
17 Jan 2002 17:00:36
files touched by this commit
mharo search for other commits by this committer
update to 1.6.5p1    
17 Jan 2002 10:52:56
files touched by this commit
ijliao search for other commits by this committer
correct checksum    
17 Jan 2002 04:53:46
files touched by this commit
mharo search for other commits by this committer
update to 1.6.5    
16 Jan 2002 20:53:56
files touched by this commit
mharo search for other commits by this committer
update to 1.6.4p2    
15 Jan 2002 02:56:33
files touched by this commit
mharo search for other commits by this committer
Update to 1.6.4.1, which fixes a security hole when sending email  
notifications    
09 Jan 2002 17:04:16
files touched by this commit
mharo search for other commits by this committer
Bump port revision to reflect change in November to pkg-install   which sets the
file permissions on the sudoers file.    
21 Nov 2001 02:09:13
files touched by this commit
petef search for other commits by this committer
Fix permissions on the sudoers file when installed from package    
29 Sep 2001 02:15:23
files touched by this commit
kuriyama search for other commits by this committer
Support latest -current which has no libskey.2.    
18 Sep 2001 23:50:50
files touched by this commit
mharo search for other commits by this committer
if the sudoers file is unchanged from the sample one, remove it too    
24 Jun 2001 13:39:56
files touched by this commit
mharo search for other commits by this committer
Use PAM and bump PORTREVISION as a result    
22 Jun 2001 09:48:48
files touched by this commit
mharo search for other commits by this committer
Add WITH_OPIE, which will compile with OPIE instead of S/Key    
07 Mar 2001 10:31:40
files touched by this commit
mharo search for other commits by this committer
update to 1.6.3p7    
21 Feb 2001 12:43:00
files touched by this commit
mharo search for other commits by this committer
Update to 1.6.3p5    
14 Feb 2001 20:19:44
files touched by this commit
lioux search for other commits by this committer
typo clean up police: \s -> \t    
08 Oct 2000 07:30:58
files touched by this commit
asami search for other commits by this committer
Convert category security to new layout.  
27 Aug 2000 23:46:54
files touched by this commit
mharo search for other commits by this committer
update to p5    
10 Jun 2000 05:31:38
files touched by this commit
mharo search for other commits by this committer
update to 1.6.3p4    

Number of commits found: 172 (showing only 72 on this page)

«  1 | 2 

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
apache24Dec 06
cryptoppDec 06
mod_http2-develDec 06
py-cryptography*Dec 06
qemu*Dec 06
qemu-devel*Dec 06
qemu-sbruno*Dec 06
chromiumDec 05
ImageMagickDec 04
ImageMagick-nox11Dec 04
ImageMagick7Dec 04
ImageMagick7Dec 04
ImageMagick7-nox11Dec 04
ImageMagick7-nox11Dec 04
py-pillowDec 04

34 vulnerabilities affecting 70 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26966
Broken 313
Deprecated 177
Ignore 577
Forbidden 1
Restricted 214
No CDROM 82
Vulnerable 59
Expired 15
Set to expire 156
Interactive 0
new 24 hours 6
new 48 hours30
new 7 days68
new fortnight120
new month292

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.