[sudo-users] sudoers bugs from debian
Didier Raboud
didier at raboud.com
Thu Apr 3 10:24:31 EDT 2008
Le vendredi, 22 février 2008 19.00:08 Todd C. Miller, vous avez écrit :
> In message <20080222002715.GA6231 at libra>
>
> so spake Justin Pryzby (justinpryzby):
> > # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462445
> > forwarded 462445 sudo-users at sudo.ws
> > retitle 462445 sudo can segfault with valid pam configuration
>
> That's a legitimate sudo bug. It will be fixed in the next sudo
> release.
>
> > # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306919
> > forwarded 306919 sudo-users at sudo.ws
> > retitle 306919 sudo -k with tty_tickets set doesn't revoke all/any of
> > the t imestamps
>
> It wasn't really my intent to remove all timestamps via -k/-K when
> tty_tickets are enabled. I can see how that might be useful, though
> I worry that there may be people relying on the current behavior.
> I'll have to think about it some more.
>
> Thanks for bringing these to my attention.
>
> - todd
Hi !
I have a bug that I think is similar to that one.
While using libpam-fprint with this in /etc/pam.d/common-auth
auth sufficient pam_fprint.so
auth required pam_unix.so nullok_secure
This is what I get :
didier at Tamino:~$ sudo -k
didier at Tamino:~$ sudo echo "1"
Scan right index finger on UPEK TouchStrip
1
didier at Tamino:~$ sudo echo "1"
Erreur de segmentation
So sudo segfaults. In my opinion, this is almost important severity. Is this
the same bug or should I report it a new time ?
Regards,
Didier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/sudo-users/attachments/20080403/81260aaf/attachment.bin>
More information about the sudo-users
mailing list