Bug 402 – sudo requires a tty even if -S is used

Bug 402 - sudo requires a tty even if -S is used


Summary:	sudo requires a tty even if -S is used

Status:	RESOLVED INVALID

Product:	Sudo
Classification:	Unclassified
Component:	Sudo
Version:	1.7.2
Hardware:	PC Linux

Importance:	low normal
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2010-04-03 11:52 MDT by Paul Fox
Modified:	2010-05-07 13:04 MDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Paul Fox 2010-04-03 11:52:10 MDT

sudo requires a tty if "requiretty" is specified in /etc/sudoers, even if the calling application specifies the -S option.

On some servers, this prevents non-terminal applications from using sudo and passing the password to STDIN. The option "requiretty" should be enforced only if the user of sudo does not explicitly disable the "terminal mode" with -S (confirming that terminal echo does not need to be disabled).

Comment 1 Todd C. Miller 2010-05-07 13:04:43 MDT

The" requiretty" option is behaving as intended; the user should not be able to override the requirement for a tty specified in sudoers via a command line flag.

If you simply wish to prevent a password from being echoed to the standard output in the normal case there is no need to use the "requiretty" option.  Since version 1.7.0 sudo will refuse to read a password if no tty is present and the -S flag was not specified unless the "visiblepw" option is enabled in sudoers.