Bug 393 – sudo's #include functionality doesn't handle cycles

Bug 393 - sudo's #include functionality doesn't handle cycles


Summary:	sudo's #include functionality doesn't handle cycles

Status:	RESOLVED INVALID

Product:	Sudo
Classification:	Unclassified
Component:	Sudo
Version:	1.7.2
Hardware:	All All

Importance:	low normal
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2010-02-09 10:47 MST by Todd C. Miller
Modified:	2010-06-08 16:08 MDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Todd C. Miller 2010-02-09 10:47:20 MST

Given the following /etc/sudoers file:

#include /etc/sudoers.local

Where the included file also has:

#include /etc/sudoers

sudo will keep opening and parsing the files until it runs out of file descriptors.  It should check the list of currently open include files and refuse to open one that is already open.

Comment 1 Todd C. Miller 2010-02-09 11:12:22 MST

Actually, sudo will only open a max of 128 sudoers files at any one time so it will not consume all descriptors.