I reviewed sudo-common version 1.2ubuntu as checked into resolute. This is not a full audit, and in fact it is significantly reduced from the usual review process because the full source code almost fits on one terminal.
The PAM files look good. The configuration looks good. There's some discussion about changing the defaults to show asterisks while typing passwords on https://github.com/trifectatechfoundation/sudo- rs/issues/1300 and I'm fine with that change. (I know it'll look and feel weird to me after something like three decades of not seeing them, but I'll cope. I think it'll be a big usability improvement for people who are new to sudo, and if it bugs you then you probably know your way around the system well enough to turn it back off again in a few minutes.) Security team ACK for promoting sudo-common to main. ** Bug watch added: github.com/trifectatechfoundation/sudo-rs/issues #1300 https://github.com/trifectatechfoundation/sudo-rs/issues/1300 ** Changed in: sudo-common (Ubuntu) Status: New => In Progress ** Changed in: sudo-common (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2139408 Title: [MIR] sudo-common To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo-common/+bug/2139408/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
