
From: ghudson@mit.edu
Subject: git commit

In ksu, without the -e flag, also check .k5users

When ksu was explicitly told to spawn a shell, a line in .k5users which
listed "*" as the allowed command would cause the principal named on the
line to be considered as a candidate for authentication.

When ksu was not passed a command to run, which implicitly meant that
the invoking user wanted to run the target user's login shell, knowledge
that the principal was a valid candidate was ignored, which could cause
a less optimal choice of the default target principal.

This doesn't impact the authorization checks which we perform later.

https://github.com/krb5/krb5/commit/3a32e1e6e644c6092f48cf6b6f2d0b8635b3dd52
Author: Nalin Dahyabhai <nalin@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 3a32e1e6e644c6092f48cf6b6f2d0b8635b3dd52
Branch: master
src/clients/ksu/heuristic.c | 19 ++++++-------------
1 files changed, 6 insertions(+), 13 deletions(-)
Subject: ksu without -e ignores .k5users for default principal

My manual test for this was:

* I have tickets for ghudson@ATHENA.MIT.EDU
* Root's .k5login contains ghudson/root@ATHENA.MIT.EDU
* Root's .k5users contains ghudson@ATHENA.MIT.EDU (with or without "*"
following)
* "ksu -n ghudson" gives me a root shell (so we know ghudson has shell
access)
* Without the fix, "ksu" asks me for a password for ghudson/root, meaning
it chose a less-preferred default principal because it didn't detect that
ghudson has access.
* With the fix, "ksu" gives me a root shell on the basis of my ghudson
tickets.
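
The behaviour change described in the commit message and exercised by the manual test, as an added C model (not ksu's heuristic.c and not part of the commit or the messages above). All function names, the fallback to the first .k5login entry, and the treatment of a bare .k5users line are assumptions; the sample data is constructed from the test steps.

```c
/* Simplified model of the default-principal choice; NOT ksu's heuristic.c. */
#include <stdio.h>
#include <string.h>

struct k5users_line { const char *princ, *cmds; };  /* cmds: "" none, "*" any */

/* Constructed sample data mirroring the manual test on this page. */
static const char *tickets[] = { "ghudson@ATHENA.MIT.EDU" };
static const char *k5login[] = { "ghudson/root@ATHENA.MIT.EDU" };
static const struct k5users_line k5users[] = { { "ghudson@ATHENA.MIT.EDU", "*" } };
#define N(a) (sizeof(a) / sizeof((a)[0]))

static int in_k5login(const char *p)
{
    for (size_t i = 0; i < N(k5login); i++)
        if (strcmp(k5login[i], p) == 0) return 1;
    return 0;
}

/* cmd == NULL models "ksu" without -e (target's login shell requested). */
static int in_k5users(const char *p, const char *cmd, int fixed)
{
    if (cmd == NULL && !fixed)
        return 0;                       /* pre-fix: .k5users never consulted */
    for (size_t i = 0; i < N(k5users); i++) {
        if (strcmp(k5users[i].princ, p) != 0) continue;
        if (strcmp(k5users[i].cmds, "*") == 0) return 1;
        /* Assumption: a bare line permits a shell, a command list only that command. */
        if (cmd == NULL ? k5users[i].cmds[0] == '\0' : strcmp(k5users[i].cmds, cmd) == 0)
            return 1;
    }
    return 0;
}

/* Prefer a principal we already hold tickets for; otherwise fall back to the
 * first .k5login entry (assumption), which means a password prompt. */
static const char *choose_default(const char *cmd, int fixed)
{
    for (size_t i = 0; i < N(tickets); i++)
        if (in_k5login(tickets[i]) || in_k5users(tickets[i], cmd, fixed))
            return tickets[i];
    return k5login[0];
}

int main(void)
{
    printf("before fix: %s\n", choose_default(NULL, 0));
    printf("after fix:  %s\n", choose_default(NULL, 1));
    return 0;
}
```

In this model only the candidate selection changes between the two modes; authorization is a separate later step, as the commit message notes.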