Bug 288 – 5814354: sudo caches failed credentials, then succeeds ?

Bug 288 - 5814354: sudo caches failed credentials, then succeeds ?


Summary:	5814354: sudo caches failed credentials, then succeeds ?

Status:	RESOLVED FIXED

Product:	Sudo
Classification:	Unclassified
Component:	Sudo
Version:	1.6.9
Hardware:	Macintosh MacOS X

Importance:	low normal
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-06-02 20:44 MDT by Disco Vince Giffin
Modified:	2008-06-10 18:15 MDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Disco Vince Giffin 2008-06-02 20:44:31 MDT

5814354:

I installed a clean system, and forgot to make my user an admin.  I tried sudo'ing, which failed.  Then I went to system prefs and promoted myself.  Then I replayed the sudo command in Terminal.

sudo never asked me to reauthenticate, even though I failed authorization the last time.

not sure if it's right or wrong, but it sure is weird.

Comment 1 Todd C. Miller 2008-06-10 18:15:00 MDT

This is not really a bug but I can see why it could be surprising.  In sudo 1.7 the timestamp is no longer updated if the user is not authorized by sudoers.