From: Bdale Garbee <bdale@gag.com>
Date: Tue, 27 Jan 2009 18:45:36 +0000 (-0700)
Subject: patch from upstream for privilege escalation in certain sudoers configurations
X-Git-Tag: debian/1.6.9p17-2~2
X-Git-Url: https://git.gag.com/?a=commitdiff_plain;h=683f7747b7f4864523223e856e0ec7843abacb5c;p=debian%2Fsudo

patch from upstream for privilege escalation in certain sudoers configurations
---

diff --git a/parse.c b/parse.c
index 8c4a1e5..b1c7cd9 100644
--- a/parse.c
+++ b/parse.c
@@ -621,9 +621,11 @@ usergr_matches(group, user, pw)
     /*
      * If the user has a supplementary group vector, check it first.
      */
-    for (i = 0; i < user_ngroups; i++) {
-	if (grp->gr_gid == user_groups[i])
-	    return(TRUE);
+    if (strcmp(user, user_name) == 0) {
+	for (i = 0; i < user_ngroups; i++) {
+	    if (grp->gr_gid == user_groups[i])
+		return(TRUE);
+	}
     }
     if (grp->gr_mem != NULL) {
 	for (cur = grp->gr_mem; *cur; cur++) {