isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sudoers_policy_list: do not set runas_pw to list_pw when listing

Browse Source 
This change introduced in sudo 1.9.13 is not actually needed.  The
"list" pseudo-command checks are performed via runas_matches_pw()
which does not use runas_pw.  GitHub issue #248
This commit is contained in:
Todd C. Miller
2023-03-03 11:16:44 -07:00
parent d9e9307d98
commit 452d63d6c1
1 changed files with 0 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/sudoers/policy.c
View File

@@ -1270,11 +1270,6 @@ sudoers_policy_list(int argc, char * const argv[], int verbose,
sudo_warnx(U_("unknown user %s"), list_user);
debug_return_int(-1);
}
/* A user may only list another user they have runas access to. */
if (runas_pw != NULL)
sudo_pw_delref(runas_pw);
runas_pw = list_pw;
sudo_pw_addref(list_pw);
}
ret = sudoers_policy_main(argc, argv, I_LISTPW, NULL, verbose, NULL);
if (list_user) {