[Bug 423252] Re: NSS using LDAP on Karmic breaks 'su' and 'sudo'
Howard Chu
hyc at symas.com
Sat Apr 17 21:16:40 BST 2010
Looking at the gcrypt code, it seems this bug should be reported against
that; this whole secmem implementation (1) requires a program to be
started as root (setuid) and (2) always drops the root priv when it has
initialized its secure memory. These behaviors would certainly interfere
with any setuid programs normal behavior. Seems like a design flaw in
libgcrypt, as the docs http://www.gnupg.org/documentation/manuals/gcrypt
/Initializing-the-library.html#Initializing-the-library state that the
application is responsible for controlling this behavior. Apps that are
unaware that they are using gcrypt (because it came in implicitly
through gnutls, thru libldap, thru nss) are SOL.
--
NSS using LDAP on Karmic breaks 'su' and 'sudo'
https://bugs.launchpad.net/bugs/423252
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in ubuntu.
More information about the Ubuntu-server-bugs
mailing list