From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 6 Dec 1999 00:14:54 +0000 (+0000)
Subject: Don't ask the user for a password if the user is not allowed to run
X-Git-Tag: SUDO_1_6_1~8
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b937889e885c26df4f563e8245595008f29df7a6;p=sudo

Don't ask the user for a password if the user is not allowed to run
the command and the authenticate flag (in sudoers) is false.
---

diff --git a/CHANGES b/CHANGES
index ae3a849b9..5dd835cb5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1204,3 +1204,6 @@ Sudo 1.6 released.
      runas specs, the latter ones may not be applied.
 
 379) #uid now works in a RunasAlias
+
+380) Don't ask the user for a password if the user is not allowed to run
+     the command and the authenticate flag (in sudoers) is false.
diff --git a/parse.c b/parse.c
index ab9f461c9..0f3b7b646 100644
--- a/parse.c
+++ b/parse.c
@@ -142,7 +142,10 @@ sudoers_lookup(check_cmnd)
      * Assume the worst.  If the stack is empty the user was
      * not mentioned at all.
      */
-    error = VALIDATE_NOT_OK;
+    if (def_flag(I_AUTHENTICATE))
+	error = VALIDATE_NOT_OK;
+    else
+	error = VALIDATE_NOT_OK | FLAG_NOPASS;
     if (check_cmnd == TRUE) {
 	error |= FLAG_NO_HOST;
 	if (!top)