Bug 738 - non-root user can list privileges of other users
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Sudo
Version: 1.8.6
Hardware: PC Linux
Importance: low normal
Assigned To: Todd C. Miller
Reported: 2016-02-26 07:46 MST by quansitec
Modified: 2016-03-17 10:17 MDT (History)

Description quansitec 2016-02-26 07:46:34 MST
Configuration:
- sudo configured with LDAP
- user testuser with non-root privileges

Logged in as user testuser, it is possible to list the sudo privileges of another user (e.g. mike). This behavior is observed only if sudo is configured to use LDAP.

testuser@server ~ $ id
uid=90001(testuser) gid=90000(testgroup) groups=90000(testgroup)
testuser@server ~ $ sudo -l
[sudo] password for testuser:
User testuser is not allowed to run sudo on server.
testuser@server ~ $ sudo -l -U mike
Matching Defaults entries for mike on this host:
    requiretty, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS
    LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL
    LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS MAIL PS1 PS2
    QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER
    LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"

User mike may run the following commands on this host:
    (ALL) ALL
    (ALL) ALL
Comment 1 Todd C. Miller 2016-02-26 09:33:30 MST
Thanks for the report. I've just fixed this in https://www.sudo.ws/repos/sudo/rev/e8ed706fda03

The fix will be in the next sudo 1.8.16 beta, 1.8.16b2.
Comment 2 quansitec 2016-02-26 09:48:07 MST
Todd,

Super fast response.
Many thanks

Cosmin
Comment 3 Todd C. Miller 2016-02-29 16:03:02 MST
Sudo 1.8.16b2 is now available which includes the fix.
Comment 4 Todd C. Miller 2016-03-17 10:17:16 MDT
Fixed in 1.8.16, available now.
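As an added check for defenders (not code from this thread or from the sudo project), a Python helper that decides from a sudo version string whether a build predates the fix version named in the comments above. It assumes sudo's `X.Y.Zb<n>` beta and `X.Y.Zp<n>` patch-level naming and that `sudo -V` output begins with `Sudo version X.Y.Z`.

```python
import re
import subprocess
from typing import Optional, Tuple

# First sudo release carrying the fix for Bug 738, per the comments in this thread.
FIXED_VERSION = "1.8.16b2"

# sudo versions look like 1.8.6, 1.8.16b2 (beta 2) or 1.8.16p1 (patch level 1).
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:([bp])(\d+))?$")

def parse_sudo_version(version: str) -> Tuple[int, int, int, int, int]:
    """Turn a sudo version string into a sortable tuple.

    Betas sort below the final release and patch levels above it:
    1.8.16b1 < 1.8.16b2 < 1.8.16 < 1.8.16p1 < 1.8.17
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version: {version!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    kind, num = m.group(4), m.group(5)
    if kind is None:
        return (major, minor, patch, 1, 0)            # final release
    if kind == "b":
        return (major, minor, patch, 0, int(num))     # beta: sorts before the release
    return (major, minor, patch, 2, int(num))         # patch level: sorts after it

def is_affected(version: str) -> bool:
    """True if this sudo version predates the fix (LDAP sudoers is the other precondition)."""
    return parse_sudo_version(version) < parse_sudo_version(FIXED_VERSION)

def version_from_sudo_output(output: str) -> Optional[str]:
    """Pull the version out of `sudo -V` output, whose first line reads "Sudo version X.Y.Z"."""
    m = re.search(r"^Sudo version (\S+)", output, re.MULTILINE)
    return m.group(1) if m else None

def check_installed_sudo() -> Optional[bool]:
    """Run `sudo -V` on this host; None if sudo is absent or its output is unparseable."""
    try:
        out = subprocess.run(["sudo", "-V"], capture_output=True, text=True, check=False).stdout
    except OSError:
        return None
    version = version_from_sudo_output(out)
    return is_affected(version) if version else None

if __name__ == "__main__":
    # Constructed sample: the version recorded in this report's header.
    print("1.8.6 affected:", is_affected("1.8.6"))    # True
```

A True result only matters on hosts whose sudoers backend is LDAP, as the description notes, so pair it with a check of the configured backend before scheduling the upgrade.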