Learn more about these different git repos.
Other Git URLs
https://bugzilla.redhat.com/show_bug.cgi?id=883947 (Fedora)
I went through the sssd 1.9.2 source code and identified potential LDAP filter injection issues: src/providers/ldap/ldap_auth.c: get_user_dn() username src/providers/ldap/sdap_sudo.c: sdap_sudo_build_host_filter() hostnames, ip_addr src/providers/ldap/sdap_async_groups.c: sdap_process_missing_member_2307() member_name src/providers/ldap/ldap_id_cleanup.c: cleanup_groups() dn src/providers/ldap/ldap_id_cleanup.c: netgr_translate_members_send() dn_item->dn src/providers/ipa/ipa_hosts.c: ipa_host_info_send() hostname src/tools/sss_cache.c: init_context() user, group, netgroup, map src/tools/sss_groupshow.c: group_show_trim_memberof() memberofs, dn src/db/sysdb_ssh.c: sysdb_get_ssh_host() name src/db/sysdb_ops.c: sysdb_add_user() name, alias_el->values[i].data src/db/sysdb_ops.c: sysdb_delete_user() name src/db/sysdb_sudo.c: sysdb_get_sudo_filter() username, groupnames (Format is file name, function name, variable name) The situation is a bit like SQL injection, except that LDAP filters should not be as powerful as SQL statements, so this is probably just a correctness issue and not a security problem (unless it allows altering the results of queries in interesting ways). An interface which separates query parameters from the query structure would be desirable as a replacement for all this string concatenation.
Fields changed
blockedby: => blocking: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => milestone: NEEDS_TRIAGE => SSSD 1.10 beta testsupdated: => 0
selected: => Not need
Moving tickets that are not a priority for SSSD 1.10 into the next release.
milestone: SSSD 1.10 beta => SSSD 1.11 beta
mark: => 0
changelog: => milestone: SSSD 1.13 beta => SSSD 1.13 backlog priority: major => minor review: => 1
Mass-moving tickets not planned for the next two releases.
Please reply with a comment if you disagree about the move..
milestone: SSSD 1.13 backlog => SSSD 1.15 beta
Suggest to defer.
selected: Not need => May sensitive: => 0
milestone: SSSD Future releases (no date set yet) => SSSD Patches welcome
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD Patches welcome
Thank you for taking time to submit this request for SSSD. Unfortunately this issue was not given priority and the team lacks the capacity to work on it at this time.
Given that we are unable to fulfill this request I am closing the issue as wontfix.
If the issue still persist on recent SSSD you can request re-consideration of this decision by reopening this issue. Please provide additional technical details about its importance to you.
Thank you for understanding.
Metadata Update from @pbrezina: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2738
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.