$Id: RELEASENOTES,v 1.2 2004/11/15 00:26:30 hbo Exp $ Version 2.1.2 New Option to sudoshell ======================= The"-" option has been added to ss/sudoshell. This sets the $HOME environment variable to that of the user ss will become. This causes the shall (bash, at least) to load the target user's environment instead of the calling user's. Bug Fixes ========= Several bug fixes from Conrad Link: o Using SIGHUP to signal ss from ssd is a security hole. Use SIGWINCH instead. o Log size was only incrementing by one each time in ssd. o Corner case: if sudoers entry neglects the Runas: directive, allowing root access in error, AND the -u parameter to ss is a wildcard, then the ss user can obtain a root shell by specifying a non-existent user that matches the pattern. Version 2.1.1 Configuration Changes ===================== Group Name Change ----------------- The 'sudoscripters' group has been renamed to 'ssers' to support systems whose group names are limited to 8 characters. This means that the sudoscripters group must be renamed to ssers in the /etc/group file. If you don't do this, ss -u will complain that the logging FIFO is unavailable, and will refuse to run. This only affects installations where not-root shells are being enabled by sudoscript. Daemon removes /var/run/sudoscript ---------------------------------- The sudoscriptd daemon will completely remove and recreate /var/run/sudoscript when it starts. This ensures proper ownership and modes. Daemon restart necessary when enabling non-root shells ------------------------------------------------------- As part of configuring sudoscript to enable non-root shells, an 'ssers' group is added to /etc/group. If that group exists when the daemon is started, it will set permissions on /var/run/sudoscript to allow that group access to the FIFOs. To ensre that these permissions get set properly, the daemon must be restarted after the ssers group is added. Platform Additions ================== Support for NetBSD has been added. Packages and ports for FreeBSD, OpenBSD and NetBSD are now part of the distribtion. Documentation Changes ===================== The procedure for setting up non-root shells is better documented. The SUDOCONFIG file contains these instructions. The new sudoscript(8) man page is a road map to the documentation installed along with sudoscript.