Starting with version 1.8.0, sudo supports a modular framework that supports third-party policy and I/O logging plugins. In this framework, when a user runs sudo, the front-end queries a policy plugin to determine whether or not the command is to be allowed. If it is allowed, the policy plugin returns a description of how to run the command along with the argument vector and environment to pass to the execve() system call. While the command is being run, the I/O plugin, if any, is passed all ...
