[sudo-users] Filename globbing in /etc/sudoers causes very slow sudo command execution.
Robin Holt
holt at sgi.com
Mon Feb 9 14:18:32 EST 2009
On Mon, Feb 09, 2009 at 01:53:07PM -0500, Todd C. Miller wrote:
> In sudo 1.6.9 sudo uses glob() for pathname globbing which does
> look at the filesystem. Depending on the sudoers rules you have
> and your automount setup this could cause an automount storm.
>
> Using glob() fixes some real problems, for instance
> http://www.gratisoft.us/bugzilla/show_bug.cgi?id=143
>
> I am considering adding a option to allow users to switch back to
> the old method if they don't care about the issues it introduces.
How difficult would that be to implement? This is hindering us from
using 1.6.9 from the vendor. Could a patch be made available for their
version as well? I hope it sounds like I am groveling because that is
how I feel ;)
Thanks,
Robin
More information about the sudo-users
mailing list