Learn more about these different git repos.
Other Git URLs
Currently only a small subset of infopipe methods performs access check. This affects only older branches then 2.x.
Steps to reproduce: 1. Call an infopipe method as a user not-listed in [ifp] allowed_uids 2. Without fix the access is granted
E.g.
$ dbus-send --print-reply --system --dest=org.freedesktop.sssd.infopipe /org/freedesktop/sssd/infopipe/Users org.freedesktop.sssd.infopipe.Users.FindByName string:user-1
Metadata Update from @pbrezina: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1660687
Metadata Update from @pbrezina: - Issue assigned to pbrezina
This is fixed since 2.0. The security impact is low (by default only posix attributes are available) and we could break users applications that relies on the fact that the data is available to everyone therefore we should not fix it in 1.16 where such change is unacceptable.
Metadata Update from @pbrezina: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5068
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.