From andrew@sally.ugh.net.au  Fri Jul 19 11:53:06 1996
Received: from sally.ugh.net.au (celeste.hobart.tased.edu.au [147.41.41.101])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA12748
          for <FreeBSD-gnats-submit@freebsd.org>; Fri, 19 Jul 1996 11:53:02 -0700 (PDT)
Received: (from andrew@localhost) by sally.ugh.net.au (8.7.5/8.7.3) id EAA02330; Sat, 20 Jul 1996 04:52:53 +1000 (EST)
Message-Id: <199607191852.EAA02330@sally.ugh.net.au>
Date: Sat, 20 Jul 1996 04:52:53 +1000 (EST)
From: andrew@ugh.net.au
Reply-To: andrew@ugh.net.au
To: FreeBSD-gnats-submit@freebsd.org
Subject: Default sudoers file
X-Send-Pr-Version: 3.2

>Number:         1405
>Category:       ports
>Synopsis:       sudoers file that comes with the sudo package for 2.1.5 has users already added.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jul 19 12:00:01 PDT 1996
>Closed-Date:    Fri Jul 19 14:01:04 PDT 1996
>Last-Modified:  Fri Jul 19 14:03:09 PDT 1996
>Originator:     Andrew
>Release:        FreeBSD 2.1-STABLE i386
>Organization:
>Environment:

FreeBSD-2.1.5. sudo 1.4

>Description:

When adding the sudo package for 2.1.5 a sudoers file is installed that already contains certain users (jkh, gpalmer, asami). Admittedly quite respectable people but if someone had users with the same logins on their machine those users would presumably have root access between the time root installs sudo and root modifies the sudoers file.


>How-To-Repeat:

pkg-add sudo-1.4.tgz

The sudoers file is in /usr/local/etc.

>Fix:
	
Remove these users from the sudoers file before taring the port.
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: asami 
State-Changed-When: Fri Jul 19 14:01:04 PDT 1996 
State-Changed-Why:  
I'm sorry...as you can probably tell, the sudoers file was taken from 
one of our machines here. ;) 

I have just changed the way the port and package installs the sudoers 
file, by making it always install sudoers.sample (and using that for 
the package) and copying it onto sudoers only if it doesn't already 
exist. 
>Unformatted:
