a4db0dcc17
- update to 1.8.3p2
* Fixed a format string vulnerability when the sudo binary
(or a symbolic link to the sudo binary) contains printf
format escapes and the -D (debugging) flag is used.
OBS-URL: https://build.opensuse.org/request/show/102195
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=37
In the default (ie unconfigured) configuration sudo asks for root password. This allows to use an ordinary user account for administration of a freshly installed system. When configuring sudo, please make sure to delete the two following lines: Defaults targetpw # ask for the password of the target user i.e. root %users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!