isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix "sudo -l command" in the LDAP and SSS backends when the command

Browse Source 
is not allowed.
This commit is contained in:
Todd C. Miller
2016-08-29 10:04:24 -06:00
parent 7918f7e7eb
commit 5b51b7f11a
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/sudoers/ldap.c
View File

@@ -2568,8 +2568,9 @@ sudo_ldap_display_cmnd(struct sudo_nss *nss, struct passwd *pw)
goto done;
for (i = 0; i < lres->nentries; i++) {
entry = lres->entries[i].entry;
if (sudo_ldap_check_command(ld, entry, NULL) &&
sudo_ldap_check_runas(ld, entry)) {
if (!sudo_ldap_check_runas(ld, entry))
continue;
if (sudo_ldap_check_command(ld, entry, NULL) == true) {
found = true;
goto done;
}