2007-08-29 20:45:09 +00:00
|
|
|
--- logging.c
|
|
|
|
|
+++ logging.c
|
|
|
|
|
@@ -465,7 +465,7 @@
|
|
|
|
|
#ifndef NO_ROOT_MAILER
|
|
|
|
|
static char *root_envp[] = {
|
|
|
|
|
"HOME=/",
|
|
|
|
|
- "PATH=/usr/bin:/bin",
|
|
|
|
|
+ "PATH=/usr/sbin:/bin:/usr/bin:/sbin",
|
|
|
|
|
"LOGNAME=root",
|
|
|
|
|
"USERNAME=root",
|
|
|
|
|
"USER=root",
|
|
|
|
|
--- pathnames.h.in
|
|
|
|
|
+++ pathnames.h.in
|
|
|
|
|
@@ -41,9 +41,10 @@
|
|
|
|
|
#define _PATH_DEVNULL "/dev/null"
|
|
|
|
|
#endif /* _PATH_DEVNULL */
|
|
|
|
|
|
|
|
|
|
-#ifndef _PATH_DEFPATH
|
|
|
|
|
-#define _PATH_DEFPATH "/usr/bin:/bin"
|
|
|
|
|
-#endif /* _PATH_DEFPATH */
|
|
|
|
|
+/*
|
|
|
|
|
+ * _PATH_DEFPATH included from <paths.h> contains only "/usr/bin:/bin"
|
|
|
|
|
+ */
|
|
|
|
|
+#define _PATH_DEFPATH "/usr/sbin:/bin:/usr/bin:/sbin"
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* NOTE: _PATH_SUDOERS is usually overriden by the Makefile.
|
2007-07-27 00:11:20 +00:00
|
|
|
--- env.c
|
|
|
|
|
+++ env.c
|
|
|
|
|
@@ -529,7 +529,7 @@
|
|
|
|
|
|
|
|
|
|
#ifdef SECURE_PATH
|
|
|
|
|
/* Replace the PATH envariable with a secure one. */
|
|
|
|
|
- if (!user_is_exempt()) {
|
|
|
|
|
+ if (!user_is_exempt() && def_env_reset) {
|
|
|
|
|
insert_env(format_env("PATH", SECURE_PATH, VNULL), &env, 1);
|
|
|
|
|
SET(didvar, DID_PATH);
|
|
|
|
|
}
|
|
|
|
|
--- find_path.c
|
|
|
|
|
+++ find_path.c
|
|
|
|
|
@@ -93,7 +93,7 @@
|
|
|
|
|
|
|
|
|
|
/* Use PATH passed in unless SECURE_PATH is in effect. */
|
|
|
|
|
#ifdef SECURE_PATH
|
|
|
|
|
- if (!user_is_exempt())
|
|
|
|
|
+ if (!user_is_exempt() && def_env_reset)
|
|
|
|
|
path = SECURE_PATH;
|
|
|
|
|
#endif /* SECURE_PATH */
|
|
|
|
|
if (path == NULL)
|
