[sudo-commits] sudo changeset 12462:484d0d3b892e

Todd C. Miller Todd.Miller at sudo.ws
Wed Jun 3 20:24:30 MDT 2020

changeset:	12462:484d0d3b892e in /raid/repos/sudo
details:	https://www.sudo.ws/repos/sudo/rev/484d0d3b892e
user:		Todd C. Miller <Todd.Miller at sudo.ws>
date:		Wed Jun 03 20:12:04 2020 -0600

Log Message:
	When converting LDAP to sudoers, ignore entries with no sudoHost attribute.
	Otherwise, sudo_ldap_role_to_priv() will treat a NULL host list as
	as the "ALL" wildcard.  This regression was introduced in sudo 1.8.23,
	which was the first version to convert LDAP sudoRole objects to
	sudoers internal data structures.
	Thanks to Andreas Mueller for reporting and debugging this problem.


 plugins/sudoers/ldap.c |  195 ++++++++++++++++++++++++----------------
 plugins/sudoers/sssd.c |  238 ++++++++++++++++++++++++++----------------------
 2 files changed, 244 insertions(+), 189 deletions(-)

More information about the sudo-commits mailing list