A flaw was found in SSSD version 1.9.0. The SSSD’s access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user’s SELinux user context.
[
{
"product": "sssd",
"vendor": "sssd",
"versions": [
{
"status": "affected",
"version": "1.9.0"
}
]
}
]