Bug 105641

Summary: sudo function altered to insecure mode
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Jonathon Robison <jrobiso2>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED WONTFIX QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None    
Version: Beta 2   
Target Milestone: ---   
Hardware: i586   
OS: All   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Jonathon Robison 2005-08-18 17:47:32 UTC 
In Beta 2 (not sure about 1), when you use sudo, it is asking for ROOT's
password, not the users.  My user is in /etc/sudoers as jrobiso2 ALL=(ALL) ALL.
Normally, the user is asked to input his password to make sure he is who he says
he is. Now, it wants ROOT password!  This would require giving out root
password, which is the opposite purpose of what sudo controls exist for!
Comment 1 Ludwig Nussel 2005-08-19 07:27:40 UTC 
Well, you are free to configure it to behave this way on your system. See 
comments at "Defaults targetpw".