Bug#198991: sudoers: Related security implications

[Bdale Garbee]

On Tue, 2009-03-03 at 21:39 -0600, Astrild wrote:
 Package: sudo
 Version: 1.6.9p17-2
 Followup-For: Bug #198991
 
 
 ok, this is quite simple, make sudo to always default to targetpw
 Not much to explain, there was a little bug in Suse with kdesu and when they 
 tried to solve it, they faced a sec hole of a sudoers with no targetpw, so 
 they set it up.
 
 Details here:
 http://lists.opensuse.org/opensuse-bugs/2007-01/msg00774.html

I don't understand what relationship you think this information has to
Debian bug 198991?

Bdale




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#198991: sudoers: Related security implications

[Astrild]

Package: sudo
Version: 1.6.9p17-2
Followup-For: Bug #198991


ok, this is quite simple, make sudo to always default to targetpw
Not much to explain, there was a little bug in Suse with kdesu and when they 
tried to solve it, they faced a sec hole of a sudoers with no targetpw, so they 
set it up.

Details here:
http://lists.opensuse.org/opensuse-bugs/2007-01/msg00774.html

-- System Information:
Debian Release: 5.0
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=POSIX, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages sudo depends on:
ii  libc6 2.7-18 GNU C Library: Shared libraries
ii  libpam-modules1.0.1-5Pluggable Authentication Modules f
ii  libpam0g  1.0.1-5Pluggable Authentication Modules l

sudo recommends no packages.

sudo suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org