Bug 545684 - sudoers: add user not validate input values for 'host', 'commnads' and 'user'
sudoers: add user not validate input values for 'host', 'commnads' and 'user'
Status: CLOSED WONTFIX
Product: RHQ Project
Classification: Other
Component: Configuration (Show other bugs)
1.4
All Linux
low Severity low (vote)
: ---
: ---
Assigned To: RHQ Project Maintainer
: SubBug
Depends On:
Blocks: rhq_triage
  Show dependency treegraph
 
Reported: 2009-12-09 00:04 EST by Rajan Timaniya
Modified: 2014-05-16 16:12 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-05-16 16:12:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rajan Timaniya 2009-12-09 00:04:26 EST
Description of problem:
sudoers: add user not validate input values for 'host', 'commnads' and 'user'

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Log into iManage platform with appropriate credential
2. Select appropriate agent and  its sudoers service
3. Click on 'CONFIGURE' tab
4. Click on 'EDIT' and then 'Add New'
5. Input following details:
	User/Group: testboy
	Hosts Alias: all
	Command: all
	Run as User: all
	Tag Specification: No (select 'No')
6. Click on 'OK' button
7. Click on 'SAVE' button
  
Actual results:
The given below line append to /etc/sudoers
testboy all = (all) NOPASSWD : all

Log in as 'testboy' and try to access some command using sudo
	su – testboy
	sudo ls /lost+found
It give the the sudoers file: syntax error
>>> sudoers file: syntax error, line 99 <<<

sudo: parse error in /etc/sudoers near line 99   

Expected results:
Verify that iManage sudoers plugin should validate input values before write to configuration file and give user error/alert message if require

Additional info:
Comment 1 wes hayutin 2010-02-16 11:59:14 EST
Temporarily adding the keyword "SubBug" so we can be sure we have accounted for all the bugs.

keyword:
new = Tracking + FutureFeature + SubBug
Comment 2 wes hayutin 2010-02-16 12:04:04 EST
making sure we're not missing any bugs in rhq_triage
Comment 3 Corey Welton 2010-10-05 09:08:25 EDT
Lowering severity/priority - not an enterprise plugin

Note You need to log in before you can comment on or make changes to this bug.