[unisog] sudowin 0.3.1-r143 released - bugfix release

Kutz, Schley Andrew a.kutz at its.utexas.edu
Wed Jan 10 14:46:12 GMT 2007

This release of sudowin is intended to correct two bugs, 1 minor and 1

- minor - This release corrects the problem where the console client
would not accept a zero-length password

- major - This release corrects the problem where any account in the
Sudoers group could create a remoting client and access the data source
that stored encrypted credentials.  The credentials in question ARE
encrypted, but a sudo user could still gain access to them.  This has
now been restricted to the built in account "NT AUTHORITY\SYSTEM".

If you are already using sudowin please download this update at


"Condensing fact from the vapor of nuance."

ITS at The University of Texas at Austin

name:	Schley Andrew Kutz, MCSD, GCWN, VCP-VI3
mail:	a.kutz at its.utexas.edu
work:	512.475.9246

More information about the unisog mailing list