[sudo-workers] Is there a way to avoid get_net_ifs() when the information won't be used?

Todd C. Miller Todd.Miller at courtesan.com
Wed Jan 22 16:52:05 MST 2014

The network interfaces are used to match based on IP address in
sudoers.  See plugins/sudoers/match_addr.c for details.  You can
disable this using the --without-interfaces configure option.

Are you using either the LDAP or SSD backends?  It appears those
backends check all values against the list of network interfaces,
even if the value doesn't look like an IP address.

 - todd

More information about the sudo-workers mailing list