Bug#368297: About the libgcrypt and OpenLDAP issue
Carlos Alberto Lopez Perez
clopez at igalia.com
Fri Apr 19 17:44:25 UTC 2013
On 19/04/13 19:25, Julien Cristau wrote:
> On Fri, Apr 19, 2013 at 19:07:02 +0200, Werner Koch wrote:
>
>> What about my suggestion on how to solve the problem?
>>
> If that "solution" is to have sudo itself call into libgcrypt, that
> doesn't sound like a solution at all. sudo doesn't know how libldap
> implements crypto, it doesn't care, and it shouldn't have to care IMO.
>
Also, is not only sudo the program that is broken, but *any* setuid
binary that chains into libldap->libgcrypt (aka calls getpwent() and
family). This includes among others: passwd, sudo and su
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20130419/59b39d79/attachment.pgp>
More information about the Pkg-gnutls-maint
mailing list