From: Todd C. Miller
Date: Thu, 11 Nov 2004 17:22:30 +0000 (+0000)
Subject: A user can always list their own entries, even with -u.
X-Git-Tag: SUDO_1_7_0~842
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=541908f1bd1ec5ea447a4d1cf861b0b35cd2e559;p=sudo
A user can always list their own entries, even with -u. Better error message when failing to list another user's entries.
---
diff --git a/logging.c b/logging.c
index 703582cfe..4f6f53f3e 100644
--- a/logging.c
+++ b/logging.c
@@ -322,7 +322,8 @@ log_auth(status, inform_user)
 (void) fprintf(stderr,
 "Sorry, user %s is not allowed to execute '%s%s%s' as %s on %s.\n",
 user_name, user_cmnd, user_args ? " " : "",
- user_args ? user_args : "", *user_runas, user_host);
+ user_args ? user_args : "",
+ list_pw ? list_pw->pw_name : *user_runas, user_host);
 }
 /*
diff --git a/parse.c b/parse.c
index e475c1fef..93c9cb1cd 100644
--- a/parse.c
+++ b/parse.c
@@ -120,6 +120,7 @@ sudoers_lookup(pwflag)
 for (cs = priv->cmndlist; cs != NULL; cs = cs->next) {
 /* Only check the command when listing another user. */
 if (user_uid == 0 || list_pw == NULL ||
+ user_uid == list_pw->pw_uid ||
 cmnd_matches(user_cmnd, user_args, cs->cmnd) == TRUE)
 matched = TRUE;
 if ((pwcheck == any && nopass != TRUE) ||
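Review bot: Only the stderr text in the logging.c hunk switches to `list_pw->pw_name`; log_auth's body continues outside the hunk, and if it also builds a syslog or mail record from `*user_runas`, the audit trail would name a different target than the message the user sees, so that path is worth checking. The ternary also deserves a one-line comment such as `/* When listing another user's entries, report that user rather than the runas user. */`, because the format string gives no hint about which of the two names is printed.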
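Review bot: The added `user_uid == list_pw->pw_uid` test in the parse.c hunk treats any passwd entry carrying the caller's uid as the caller, so where several account names share one uid a caller could list the other name's entries without the `cmnd_matches()` check on the following line. If that is intended, the comment above the `if` should say so, e.g. `/* Same uid counts as the invoking user; only check the command when listing a different uid. */`; if it is not, the comparison presumably needs to involve the account name as well. The loop and the rest of sudoers_lookup lie outside the hunk, so how `matched` is consumed afterwards cannot be confirmed from here.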