Bug 432 – sudoers does not like comments like "#2" (or any other digit)

Bug 432 - sudoers does not like comments like "#2" (or any other digit)


Summary:	sudoers does not like comments like "#2" (or any other digit)

Status:	ASSIGNED

Product:	Sudo
Classification:	Unclassified
Component:	Visudo
Version:	1.7.4
Hardware:	All Solaris 2.x

Importance:	normal high
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2010-08-30 06:48 MDT by Andreas Koppenhoefer
Modified:	2010-08-30 11:12 MDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas Koppenhoefer 2010-08-30 06:48:26 MDT

Comments in /etc/sudoers of the form
  "#" <digit> <any_char>*
result in a syntax error.
Example:
$ echo "#2" >/tmp/sudoers
$ visudo -c -f /tmp/sudoers
>>> /tmp/sudoers: syntax error near line 1 <<<
parse error in /tmp/sudoers near line 1

This bug is at least contained in versions 1.7.3 .. 1.7.4p3.
I assume this bug is vital on all platforms since we found it on HP-UX and Solaris.

Comment 1 Todd C. Miller 2010-08-30 11:12:18 MDT

The problem is that a line starting with #[0-9] could either be a user specification beginning with a uid or a comment.  There is not a good way for sudo to tell which it is.