[sudo-workers] sudo .ldaprc handling
lcars at gentoo.org
Mon Dec 19 02:59:20 EST 2005
While dealing with the following bug
http://bugs.gentoo.org/show_bug.cgi?id=107634 someone pointed out this
fragment of code in relation to it from env.c:
    /*
     * Prevent OpenLDAP from reading any user dotfiles
     * or files in the current directory.
     */
    if (nep < ne_last)
        *nep++ = "LDAPNOINIT=1";
    else
        errx(1, "internal error, attempt to write outside newenv");
It's suspected to be related to that bug, but honestly I don't think that's
the case. Anyway, my question is: what exactly is the purpose of this?
Sudo is setuid and it runs as root; it's never meant to open any
/home/$user/.ldaprc file in the first place, and only root's one, if any, will
be considered, as expected. Am I missing something?
Andrea Barisani <lcars at gentoo.org>
Gentoo Linux Infrastructure Developer
PGP-Key 0x864C9B9E http://dev.gentoo.org/~lcars/pubkey.asc
0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
"Pluralitas non est ponenda sine necessitate"
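
The bounds-checked append from the quoted fragment, as an added example that is not sudo's code and not part of the original message: a fresh environment is built from an allowlist and LDAPNOINIT=1 is appended last, so caller-supplied LDAP* variables never reach the new environment. The struct, function names, slot count and the TERM/LANG allowlist are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define NEWENV_SLOTS 6          /* constructed capacity; last slot holds NULL */

struct newenv {
    const char *slot[NEWENV_SLOTS];
    const char **nep;           /* next free slot */
    const char **ne_last;       /* reserved for the terminating NULL */
};

/* Append "NAME=value"; return -1 rather than write past the array. */
static int newenv_add(struct newenv *e, const char *kv)
{
    if (e->nep >= e->ne_last)
        return -1;
    *e->nep++ = kv;
    return 0;
}

/* Copy only allowlisted variables from the caller, then pin LDAPNOINIT=1. */
static int newenv_build(struct newenv *e, const char *const *user_env)
{
    static const char *const keep[] = { "TERM=", "LANG=" }; /* hypothetical */
    memset(e->slot, 0, sizeof(e->slot));    /* every slot starts as NULL */
    e->nep = e->slot;
    e->ne_last = e->slot + NEWENV_SLOTS - 1;
    for (; *user_env != NULL; user_env++)
        for (size_t i = 0; i < sizeof(keep) / sizeof(keep[0]); i++)
            if (strncmp(*user_env, keep[i], strlen(keep[i])) == 0 &&
                newenv_add(e, *user_env) != 0)
                return -1;
    return newenv_add(e, "LDAPNOINIT=1");
}

/* Return 1 if the exact string kv is in the built environment. */
static int newenv_has(const struct newenv *e, const char *kv)
{
    for (const char *const *p = e->slot; *p != NULL; p++)
        if (strcmp(*p, kv) == 0)
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed caller environment. */
    const char *const user_env[] = { "TERM=xterm", "LDAPRC=myrc", NULL };
    struct newenv e;
    if (newenv_build(&e, user_env) != 0 || !newenv_has(&e, "LDAPNOINIT=1"))
        return 1;
    for (const char **p = e.slot; *p != NULL; p++)
        puts(*p);
    return 0;
}
```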