[sudo-users] Defaults authenticate "feature"?
Paul Stepowski
p.stepowski at qut.edu.au
Wed Dec 22 19:49:41 EST 2004
Hi,
Just something I noticed using the default flag authenticate.
When sudoers has:
Defaults authenticate
set (which is the default behaviour), the following commands
produce the following output:
---snip---
$ sudo -K
$ sudo date
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these two things:
#1) Respect the privacy of others.
#2) Think before you type.
Password:
Thu Dec 23 10:44:02 EST 2004
---snip---
When sudoers has:
Defaults !authenticate
set, the following commands produce the following output:
---snip---
$ sudo -K
$ sudo date
Thu Dec 23 10:45:22 EST 2004
---snip---
So when you disable user passwords, you're also disabling the
output of the sudo banner. This surprised me, I would have
thought the two would be independent. So IMHO, it violates
the principle of least surprise. It's not a big deal but I'm
curious if this was done deliberately.
Is this a feature or a bug?
Thanks,
Paul
More information about the sudo-users
mailing list