A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.A vulnerability was found in sssd where, if a user was configured with no home directory set, sssd would return #039;/#039; instead of #039;#039; . This could impact services that restrict the user#039;s filesystem access to within their home directory through chroot.