1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55
|
Description: Document handling of leading ':' when checking TZ variable
Document that a leading ':' is skipped when checking TZ for a
fully-qualified path name.
Origin: backport, http://www.sudo.ws/repos/sudo/rev/91859f613b88,
http://www.sudo.ws/repos/sudo/rev/579b02f0dbe0
Forwarded: not-needed
Author: Todd C. Miller <Todd.Miller@courtesan.com>
Author: Salvatore Bonaccorso <carnil@debian.org>
Author: Ben Hutchings <ben@decadent.org.uk>
Last-Update: 2016-01-05
Applied-Upstream: 1.8.12
--- a/doc/sudoers.pod
+++ b/doc/sudoers.pod
@@ -1574,8 +1574,9 @@ is considered unsafe if any of the follo
=item *
-It consists of a fully-qualified path name that does not match
-the location of the I<zoneinfo> directory.
+It consists of a fully-qualified path name, optionally prefixed with a
+colon (':'), that does not match the location of the I<zoneinfo>
+directory.
=item *
--- a/doc/sudoers.cat
+++ b/doc/sudoers.cat
@@ -1319,9 +1319,9 @@ SSUUDDOOEERRSS OOPPTTIIOONN
programs. The TZ variable is considered unsafe if any
of the following are true:
- +o It consists of a fully-qualified path name that
- does not match the location of the _z_o_n_e_i_n_f_o
- directory.
+ +o It consists of a fully-qualified path name,
+ optionally prefixed with a colon (':'), that does
+ not match the location of the _z_o_n_e_i_n_f_o directory.
+o It contains a _._. path element.
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -1613,8 +1613,9 @@ format vulnerabilities in poorly-written
is considered unsafe if any of the following are true:
.RS 16
.IP "\(bu" 4
-It consists of a fully-qualified path name that does not match
-the location of the \fIzoneinfo\fR directory.
+It consists of a fully-qualified path name, optionally prefixed with a
+colon (':'), that does not match the location of the \fIzoneinfo\fR
+directory.
.IP "\(bu" 4
It contains a \fI..\fR path element.
.IP "\(bu" 4
|