[sudo-commits] sudo changeset 12496:c49fb26a6435

Todd C. Miller Todd.Miller at sudo.ws
Thu Jun 18 19:07:10 MDT 2020

changeset:	12496:c49fb26a6435 in /raid/repos/sudo
details:	https://www.sudo.ws/repos/sudo/rev/c49fb26a6435
user:		Todd C. Miller <Todd.Miller at sudo.ws>
date:		Wed Jun 03 20:12:04 2020 -0600

Log Message:
	When converting LDAP to sudoers, ignore entries with no sudoHost attribute.
	Otherwise, sudo_ldap_role_to_priv() will treat a NULL host list as
	as the "ALL" wildcard.  This regression was introduced in sudo 1.8.23,
	which was the first version to convert LDAP sudoRole objects to
	sudoers internal data structures.
	Thanks to Andreas Mueller for reporting and debugging this problem.


 plugins/sudoers/ldap.c |  195 ++++++++++++++++++++++++----------------
 plugins/sudoers/sssd.c |  238 ++++++++++++++++++++++++++----------------------
 2 files changed, 244 insertions(+), 189 deletions(-)

More information about the sudo-commits mailing list