|
Bugzilla – Full Text Bug Listing |
| Summary: | sudo does not reset bad login count when successfully authenticated | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Larry <guyverdh> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED WONTFIX | ||
| Severity: | normal | ||
| Priority: | normal | ||
| Version: | 1.6.8 | ||
| Hardware: | HP | ||
| OS: | HP-UX | ||
Are you using PAM or sudo's natice TCB support? Report bugs to <bug-autoconf@gnu.org>." ac_cs_version="\ sudo config.status 1.6.8 configured by ./configure, generated by GNU Autoconf 2.57, with options \"\"--with-pam\" \"--with-logging=syslog\" \"--with-ignore-dot\" \"--with-timeout=1\" \"--with-password-timeout=1\" \"--with-tty-tickets\" \"--disable-root-sudo\" 'CC=gcc'\" Sudo 1.6.x is no longer supported and sudo now uses PAM by default on HP-UX 11.11 which should not have this problem. |
HP-UX 11.11 TCB enabled. When attempting to use the sudo command to execute a command, and user intentionally mis-types the password, can see the invalid login count increment via the getprpw -m culogin {user login} command. Once the user types the correct password in, and sudo executes the command passed to it, checking the getprpw -m culogin {user login} still shows the bad login count that had been reached when mis-typing the password. One has to open an SSH or telnet session to the box to reset the count.