[sudo-commits] sudo changeset 12496:c49fb26a6435
Todd C. Miller
Todd.Miller at sudo.ws
Thu Jun 18 19:07:10 MDT 2020
changeset: 12496:c49fb26a6435 in /raid/repos/sudo
details: https://www.sudo.ws/repos/sudo/rev/c49fb26a6435
user: Todd C. Miller <Todd.Miller at sudo.ws>
date: Wed Jun 03 20:12:04 2020 -0600
Log Message:
When converting LDAP to sudoers, ignore entries with no sudoHost attribute.
Otherwise, sudo_ldap_role_to_priv() will treat a NULL host list as
as the "ALL" wildcard. This regression was introduced in sudo 1.8.23,
which was the first version to convert LDAP sudoRole objects to
sudoers internal data structures.
Thanks to Andreas Mueller for reporting and debugging this problem.
diffstat:
plugins/sudoers/ldap.c | 195 ++++++++++++++++++++++++----------------
plugins/sudoers/sssd.c | 238 ++++++++++++++++++++++++++----------------------
2 files changed, 244 insertions(+), 189 deletions(-)
More information about the sudo-commits
mailing list