On Sat, Jan 21, 2006 at 12:03:26PM +0200, Simo Kauppi wrote:
On Fri, Jan 20, 2006 at 03:58:30PM -0600, Hugo Vanwoerkom wrote:
On Fri, Jan 20, 2006 at 08:02:33AM -0600, Hugo Vanwoerkom wrote:
Hi,
I just did a security upgrade with Sarge and got installed
sudo_1.6.8p7-1.3_i386.deb. But when I use sudo to get to synaptic I
get:
(synaptic:25937): Gtk-WARNING **: cannot open display:
Thanks! And a good guess. But what?
And this is in the sudoers manpage:
Lists that can be used in a boolean context:
...
env_check
Environment variables to be removed from the user's environment if
the variable's value contains %
or /
characters. This can be used to guard against printf-style format
vulnerabilities in poorly-written programs. The argument may be a
double-quoted, space-separated list or a single value without
double-quotes. The list can be replaced, added to, deleted from, or
disabled by using the =
, +=
, -=
, and !
operators respectively. The default list of environment variables
to check is printed when sudo is run by root with the -V option.
...
Sounds like Greek to me. Can anybody tell me what in fact one should
specify in sudoers?
Thanks!
H
In other words, env_check is a list of variables, whose value is
checked, and if they contain a '%' or a '/', they are blocked. So you
need to find out which variable is preventing the use, and put
env_check -= VARIABLE
into the /etc/sudoers, to disable its checking.
One good guess would be HOME.
The checking should be totally disabled if you put
env_check =