From 452d63d6c1a778466723a9a38c9053f99b53f7f5 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 3 Mar 2023 11:16:44 -0700 Subject: [PATCH] sudoers_policy_list: do not set runas_pw to list_pw when listing This change introduced in sudo 1.9.13 is not actually needed. The "list" pseudo-command checks are performed via runas_matches_pw() which does not use runas_pw. GitHub issue #248 --- plugins/sudoers/policy.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c index 23eb4ae8d..b547693a9 100644 --- a/plugins/sudoers/policy.c +++ b/plugins/sudoers/policy.c @@ -1270,11 +1270,6 @@ sudoers_policy_list(int argc, char * const argv[], int verbose, sudo_warnx(U_("unknown user %s"), list_user); debug_return_int(-1); } - /* A user may only list another user they have runas access to. */ - if (runas_pw != NULL) - sudo_pw_delref(runas_pw); - runas_pw = list_pw; - sudo_pw_addref(list_pw); } ret = sudoers_policy_main(argc, argv, I_LISTPW, NULL, verbose, NULL); if (list_user) {