Bug 1011 – running sudo with UID only no longer possible

Bug 1011 - running sudo with UID only no longer possible


Summary:	running sudo with UID only no longer possible

Status:	RESOLVED INVALID

Product:	Sudo
Classification:	Unclassified
Component:	Sudo
Version:	1.9.8
Hardware:	PC Other

Importance:	low normal
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2021-12-02 00:42 MST by arekm
Modified:	2021-12-02 06:54 MST (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description arekm 2021-12-02 00:42:28 MST

This was working at some point but doesn't anymore:

$ sudo -u '#1234' id
sudo: unknown user #1234

$ sudo --version
Sudo version 1.9.8p2
Sudoers policy plugin version 1.9.8p2
Sudoers file grammar version 48
Sudoers I/O plugin version 1.9.8p2
Sudoers audit plugin version 1.9.8p2

Comment 1 Todd C. Miller 2021-12-02 06:54:26 MST

From the upgrade notes:

    Starting with version 1.8.30, sudo will no longer allow commands
    to be run as a user or group ID that is not in the password or
    group databases by default.  Previously, sudo would always allow
    unknown user or group IDs if the sudoers entry permitted it,
    including via the "ALL" alias.  The old behavior can be restored
    by setting the new "allow_unknown_runas_id" Defaults setting
    in the sudoers file.