diff options
author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2019-01-19 11:43:26 +0000 |
---|---|---|
committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2019-01-19 11:43:26 +0000 |
commit | be9f2dcd6bf695c8c5f65b1a8a0f30ff58f8866b (patch) | |
tree | a5d2d040a8d7ab6accf2e5af02ad1fab00641c2b /testing | |
parent | 1a862c7c24638bfe0c7982b728049a162e2ad7e6 (diff) | |
download | gitano-be9f2dcd6bf695c8c5f65b1a8a0f30ff58f8866b.tar.gz |
admincommand: Fix 'as' to better hide bad usernames
Sometimes commands in their `_prep()` might need to assume
the user they're running as does actually exist. Since there's
only one user name guaranteed to exist (gitano-bypass) ensure
that when `as` runs against a user which doesn't exist, we run
the original command's `_prep()` against that user so that we
don't leak the non-existence of a username via a crash/traceback.
This fixes Debian bug #876078
Diffstat (limited to 'testing')
-rw-r--r-- | testing/02-commands-as.yarn | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/testing/02-commands-as.yarn b/testing/02-commands-as.yarn index 92d2428..15f82ff 100644 --- a/testing/02-commands-as.yarn +++ b/testing/02-commands-as.yarn @@ -60,7 +60,7 @@ in any way. WHEN testinstance, using adminkey, adds user other, using testinstance other AND testinstance adminkey runs as other whoami THEN stderr is empty - WHEN testinstance other, expecting failure, runs as badger whoami + WHEN testinstance other, expecting failure, runs as badger sshkey list THEN stdout is empty AND stderr does not contain badger |