On 19/04/13 19:25, Julien Cristau wrote: > On Fri, Apr 19, 2013 at 19:07:02 +0200, Werner Koch wrote: > >> What about my suggestion on how to solve the problem? >> > If that "solution" is to have sudo itself call into libgcrypt, that > doesn't sound like a solution at all. sudo doesn't know how libldap > implements crypto, it doesn't care, and it shouldn't have to care IMO. >
Also, is not only sudo the program that is broken, but *any* setuid binary that chains into libldap->libgcrypt (aka calls getpwent() and family). This includes among others: passwd, sudo and su
signature.asc
Description: OpenPGP digital signature