Bug 214

Summary: Sudo caches credentials after unauthorized use
Product: Sudo
Reporter: Jonathan Brandmeyer <jbrandmeyer>
Component: Sudo
Assignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED
Severity: normal
Priority: normal
Version: 1.6.8
Hardware: PC
OS: Linux

Description Jonathan Brandmeyer 2006-05-15 10:35:01 MDT
Consider user Jon who is not in the sudoers file.
- Jon attempts to run a command under sudo. He supplies his correct password.
  Since he is not in the sudoers file, "this incident will be reported".
- In a short time, root adds Jon to /etc/sudoers.
- Jon runs sudo again, but sudo does not ask for his credentials this time
  (because the cache timeout has not expired since the last time).

Why does sudo cache the "valid" credentials of a non-authorized user in this
case?  I don't think that this could be exploited as a security bug, but it
still feels wrong.

Additional note: current version is 1.6.8p7 (Debian Sarge version 1.6.8p7-1.4)
Comment 1 Todd C. Miller 2007-07-06 10:24:31 MDT
Sudo tests user authentication and sudoers permissions separately.  This is not a security issue, though I can see how it might be surprising.
Comment 2 Todd C. Miller 2007-07-20 07:38:00 MDT
Fixed in 1.6.9
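A small model of the ordering problem the description and comment 1 describe, added here as an illustration; it is not sudo's own code. It replays the reporter's three steps under two orderings (timestamp written right after the password check, versus only after the sudoers check also passes) and counts how often Jon is prompted. The class name, the `cache_before_authorize` switch and the 5-minute timeout are assumptions of this model.

```python
# Model of sudo's timestamp cache (added example, not sudo's implementation).
# sudo remembers a per-user timestamp after a successful password check and
# skips the prompt while that timestamp is younger than the cache timeout.
# The report describes the timestamp being written before the sudoers check,
# so a user who is NOT in sudoers still leaves a fresh timestamp behind.

TIMEOUT = 5 * 60  # assumed cache lifetime in seconds


class SudoModel:
    def __init__(self, sudoers, passwords, cache_before_authorize):
        self.sudoers = set(sudoers)
        self.passwords = dict(passwords)
        self.cache_before_authorize = cache_before_authorize
        self.timestamps = {}  # user -> time of the last cached authentication
        self.prompts = []     # (user, time) each time a password was requested

    def run(self, user, password, now):
        """Return True if the command would run, False if it is denied."""
        last = self.timestamps.get(user)
        if last is None or now - last > TIMEOUT:
            self.prompts.append((user, now))
            if self.passwords.get(user) != password:
                return False
            if self.cache_before_authorize:
                self.timestamps[user] = now   # ordering described in the report
        if user not in self.sudoers:
            return False                      # "this incident will be reported"
        self.timestamps[user] = now           # cache only once both checks pass
        return True


def scenario(cache_before_authorize):
    """Replay the report: denied run, root adds Jon, second run inside the timeout."""
    m = SudoModel(sudoers=["root"], passwords={"jon": "correct-pw"},
                  cache_before_authorize=cache_before_authorize)
    assert m.run("jon", "correct-pw", now=0) is False   # not in sudoers yet
    m.sudoers.add("jon")                                 # root edits /etc/sudoers
    assert m.run("jon", "correct-pw", now=60) is True    # now permitted
    return len(m.prompts)  # 1 = Jon was not asked again, 2 = he was re-prompted
```

`scenario(True)` reproduces the reported behaviour (one prompt); `scenario(False)` shows the ordering in which a denied user leaves no usable timestamp (two prompts).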