Bug 288

Summary: 5814354: sudo caches failed credentials, then succeeds ?
Product: Sudo Reporter: Disco Vince Giffin <vgiffin>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.6.9   
Hardware: Macintosh   
OS: MacOS X   

Description Disco Vince Giffin 2008-06-02 20:44:31 MDT 
5814354:

I installed a clean system, and forgot to make my user an admin.  I tried sudo'ing, which failed.  Then I went to system prefs and promoted myself.  Then I replayed the sudo command in Terminal.

sudo never asked me to reauthenticate, even though I failed authorization the last time.

not sure if it's right or wrong, but it sure is weird.
Comment 1 Todd C. Miller 2008-06-10 18:15:00 MDT 
This is not really a bug but I can see why it could be surprising.  In sudo 1.7 the timestamp is no longer updated if the user is not authorized by sudoers.