Tags: gbergling/doas

6.2p1

Added untracked files from compat.

6.2

Removed unused login_style variable on Linux. Is only
used when using BSD authorization.

6.1p1

Fixed typo in README file.

6.1

Removed the transfer of most environment variables, such as USER, HOME,
and PATH from the original user to the target user. This could cause
files in the wrong path or home directory to be read (or written to),
which resulted in potential security problems.

This has been changed so that only DISPLAY and TERM are passed to the
new environment. This is fine for running command line programs. When
GUI programs need to be run, "keepenv" can be added to the user's
doas.conf entry. This results in variables like HOME being copied
to the target user, allowing GUI programs to run.

Many thanks to Sander Bos for reporting this issue and explaining
how it can be exploited.

This commit also adds the ability to pass a customized PATH to
target users. The new PATH can be set at compile time in the
Makefile. The default path is provided in the Makefile and commented
out.

6.0p4

Merge branch 'netbsd'

6.0p3

Minor fixes to avoid compiling error on FreeBSD following Linux fixes.

6.0p2

Updated doas.c with patch from arthepsy. Fixes -n flag
so if a password prompt is required, doas will automatically fail.

6.0p1

Fixed issue with port of doas searching the user's full path for
commands matching the "cmd" parameter in doas.conf. The path
should be shortened to system-standard paths. This prevents
the user from injecting their own application with a familiar
name in their PATH variable and tricking doas into running it.

6.0-1

Fixed issue with port of doas searching the user's full path for
commands matching the "cmd" parameter in doas.conf. The path
should be shortened to system-standard paths. This prevents
the user from injecting their own application with a familiar
name in their PATH variable and tricking doas into running it.

6.0p0

Tag to match FreeBSD port version.