Package: sudo Version: 1.7.4p4-2.squeeze.2 Severity: important
on debian 6.0.1, sudoedit(8) seems to clear the "you have entered your password more recently than $timestamp_timeout" ticket. it does honour existing tickets, but it seems to unconditionally clear them upon exit. example, executing all the following with less than $timestamp_timeout between commands: # sudo -l <get prompted for password> # sudo -l <don't have to enter password> # sudo -l <still don't have to enter password> # sudoedit somefile <still don't have to enter password> # sudo -l <get prompted for password> i tried this on two different 6.0.1 systems with the same results. also tried on a 5.0.8 system for control (same sudoers(5) file as 6.0.1) and sudoedit(8) does not clear the password as reported here. /etc/sudoers.d is not "includedir"ed in our config. -- System Information: Debian Release: 6.0.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages sudo depends on: ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libpam-modules 1.1.1-6.1 Pluggable Authentication Modules f ii libpam0g 1.1.1-6.1 Pluggable Authentication Modules l sudo recommends no packages. sudo suggests no packages. -- Configuration Files: /etc/sudoers.d/README [Errno 13] Permission denied: u'/etc/sudoers.d/README' -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
