tgetpass properly returns "" if the user actually typed the empty password and NULL if the user hit ^C, but sudo_conv in auth/pam.c does not distinguish between these return values. Here is a simple patch to correct this by returning PAM_CONV_ERR on NULL, causing a quick abort with an error.
<http://anders.kaseorg.com/pub/patches/sudo-1.7-ctrl-c-fix.patch> -- On Ctrl-C, sudo should exit immediately https://launchpad.net/bugs/38810 -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
