> Am 16.11.2016 08:08, schrieb Samuel Rakitničan: > > You can change the default behaviour in "/etc/sudoers" or (better) by > adding a file in "/etc/sudoers.d". > > If you want to keep the users path, add: > > Defaults env_keep += "PATH" > Defaults !secure_path > > or to change the (default) secure path, just add > > Defaults secure_path = /your/path/here:/as/usual
File in /etc/sudoers.d is neat, thanks. But I am hoping we can came up with a new default setting or is there a reason not to include anything else? I was thinking about it some more, and I think this setting does more harm then good. It limits what users can do but it doesn't stop them to bypass it with a simple alias sudo="sudo PATH=$PATH". So in my opinion the original "If you don't trust the people running sudo to have a sane PATH environment variable you may want to use this." kind of defeats its purpose. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
