Bug 700

Summary: Why a password challenge on "sudo -l"?
Product: Sudo Reporter: Robert Nix <nix.robert>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED INVALID    
Severity: normal    
Priority: low    
Version: 1.8.6   
Hardware: PC   
OS: Linux   

Description Robert Nix 2015-06-17 08:31:13 MDT 
A user wants to check what sudo rights they have on a system. They enter the command "sudo -l", and if they have any granted rights, they are listed out, and the program exits. But, if they have no specifically granted rights, sudo prompts the user for their password. Why the password prompt, instead of just saying that the user has no elevated rights?
Comment 1 Todd C. Miller 2015-06-17 09:20:14 MDT 
"sudo -l" requires a password so that it is not possible for someone else to see a user's privileges in case there is an an unattended terminal (e.g. in a lab setting with multiple people).

If you want to allow "sudo -l" with no password you can just use the following in sudoers:

Defaults listpw=never

Users with sudoers privileges don't need to enter a password if they've used sudo within the past 5 minutes or if their privileges don't require a password to be entered.