Bug 100

Summary: "mail_no_user" doesn't work
Product: Sudo Reporter: Gerd Bitzer <johncoltrane39>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED WONTFIX    
Severity: low    
Priority: low    
Version: 1.6.6   
Hardware: IBM   
OS: AIX   

Description Gerd Bitzer 2003-02-18 03:53:32 MST 
I have just installed a precompiled binary version 1.6.6.0 from
http://www.bullfreeware.com/listaix43.html from May 3 2002 on a AIX system
running AIX 4.3.

When creating a new user (in this case named "teschd") which is definitifely not
listed in the "sudoers" file, I get the errormessage 

---
DTEADM01 : Feb 18 11:03:25 2003 : teschd : 3 incorrect password attempts ; TTY=p
ts/1 ; PWD=/home/teschd ; USER=root ; COMMAND=/usr/bin/pwdck -n ALL             
---

which is incorrect in my opinion. 

The binary seems to be compiled with "mail_no_user = on" (symbolic), here the
output of "sudo -V":

---
Sudo version 1.6.6

Authentication methods: 'passwd'
Syslog facility if syslog is being used for logging: local2
Syslog priority to use when user authenticates successfully: notice
Syslog priority to use when user authenticates unsuccessfully: alert
Send mail if the user is not in sudoers
---

This behaviour isn't influenced through using "mail_no_user" keyword in the
"sudoers" File, the case is always misidentified as "incorrect password", and
therefore no "mail_no_user" mail is sent. But with "Defaults mail_badpass" an
mail is sent.

Hopefully this report is comprehensible :-). Feel free to contact me for further
investigations.
Comment 1 Todd C. Miller 2003-03-13 18:48:20 MST 
If the user in question had entered the correct password then mail would have been sent.  I suppose it would make sense to send mail even though the password was not entered correctly, though in an open lab where a user has left their terminal unattended this could result in false positives.