mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-30 22:05:46 +00:00
Code Issues Releases Wiki Activity

Fix the check for whether a user is allowed to lists another user's

Browse Source 
privileges.  The "matched" variable is not boolean, it can also
have the value UNSPEC so we need to check explicitly for true.
Bug #738
This commit is contained in:
Todd C. Miller
2016-02-26 09:32:08 -07:00
parent 5dd7ac20e1
commit 95dd64ea75
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/sudoers/sssd.c
View File

@@ -1137,13 +1137,13 @@ sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag)
/* Only check the command when listing another user. */
if (user_uid == 0 || list_pw == NULL ||
user_uid == list_pw->pw_uid ||
sudo_sss_check_command(handle, rule, NULL)) {
sudo_sss_check_command(handle, rule, NULL) == true) {
matched = true;
break;
}
}
}
if (matched || user_uid == 0) {
if (matched == true || user_uid == 0) {
SET(ret, VALIDATE_SUCCESS);
CLR(ret, VALIDATE_FAILURE);
if (def_authenticate) {