Package: sudo
Version: 1.7.4p6-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch
The "mail_badpass" option should be enabled by default, since bad password attempts mask attempts at running sudo when not allowed (mail_no_user, etc). Take the scenario of an attacker logged into a system without the local system password (or without sufficient access to 2-factor auth), running sudo. Failed password attempts are as important as notification about the user not having sudo access in the first place.

Patch attached...

-Kees

--
Kees Cook @debian.org
Description: Enable mail_badpass by default, to avoid masking mail_no_user. Author: Kees Cook <k...@ubuntu.com> --- sudo-1.7.4p6.orig/defaults.c +++ sudo-1.7.4p6/defaults.c @@ -394,6 +394,7 @@ init_defaults() #ifdef SEND_MAIL_WHEN_NO_USER def_mail_no_user = TRUE; #endif + def_mail_badpass = TRUE; #ifdef SEND_MAIL_WHEN_NO_HOST def_mail_no_host = TRUE; #endif --- sudo-1.7.4p6.orig/sudoers.pod +++ sudo-1.7.4p6/sudoers.pod @@ -722,7 +722,7 @@ This flag is I<off> by default. =item mail_badpass Send mail to the I<mailto> user if the user running B<sudo> does not -enter the correct password. This flag is I<off> by default. +enter the correct password. This flag is I<on> by default. =item mail_no_host --- sudo-1.7.4p6.orig/sudoers.man.in +++ sudo-1.7.4p6/sudoers.man.in @@ -849,7 +849,7 @@ This flag is \fIoff\fR by default. .IP "mail_badpass" 16 .IX Item "mail_badpass" Send mail to the \fImailto\fR user if the user running \fBsudo\fR does not -enter the correct password. This flag is \fIoff\fR by default. +enter the correct password. This flag is \fIon\fR by default. .IP "mail_no_host" 16 .IX Item "mail_no_host" If set, mail will be sent to the \fImailto\fR user if the invoking
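Review bot: in the defaults.c hunk, the new `def_mail_badpass = TRUE;` is unconditional while both neighbouring defaults are wrapped in `#ifdef SEND_MAIL_WHEN_NO_USER` / `#ifdef SEND_MAIL_WHEN_NO_HOST`, so this is the one mail default that cannot be disabled at configure time; either add a matching build-time guard or put a one-line comment at the insertion point saying the asymmetry is deliberate. The changelog should also spell out the operational consequence: every mistyped password now produces a message to the mailto user, so sites without a working local mailer will want to turn the flag off in sudoers.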
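Review bot: the sudoers.pod hunk only flips I<off> to I<on>, which matches the code change, but the paragraph still gives no reason for the new default; a short sentence after it, stating that this keeps failed attempts by users who are not permitted to run sudo from going unreported, would let administrators decide whether to keep it.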
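Review bot: sudoers.man.in is produced from sudoers.pod with pod2man, so hand-editing it in the third hunk to mirror the .pod change works for a distribution patch, but the file should be regenerated from the .pod (along with any preformatted copy of the manual shipped with it) so the copies do not drift; the \fIon\fR markup itself is correct.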