millert
commented
1 month ago We can add a new configure option to just change the default value, but the naming can be confusing. It does appear that some packagers are using --with-secure-path so unfortunately we cannot change the meaning of that option. What do you think of --with-secure-path-value or --with-secure-path-default for the option name? I'm open to better names if you have any ideas.
Commit e0e24456bc3fcdf5506660be69186e01583ff383 was very helpful in enabling
secure_pathby default. It works with no surprises assecure_pathremains disabled internally and the user is able to comment out the relevant line in/etc/sudoersto restore the old behavior.One possible addition would be to provide a
./configureoption to specify a different default path.--with-secure-pathcannot be used for this as it will also defineSECURE_PATH, thus enabling it internally and preventing the user from simply commenting out the line in/etc/sudoers.I'm looking at it from a packager perspective, trying to use a different path [*] for
secure_pathwithout leaving the user to wonder why it remains active even when the line in/etc/sudoersis commented out. I tried to think of a clean way to implement this but in the end I had to patch the configure script to change the default value ofsecure_path.My understanding is that
--with-secure-pathshould continue to defineSECURE_PATHand thus enabling it internally (in addition to the sudoers file). This is desirable in order to maintain the semantics this option had before sudo 1.9.16. The question then becomes, is there a way to specify a different path while maintaining the ability to comment out the option in sudoers, and have it work the same as when--with-secure-pathis not used?[*]
/usr/local/sbin:/usr/local/bin:/usr/bin(default path used in Arch Linux, since/usr/sbin,/sbin, and/binare all symlinks to/usr/bin)