--- embedaddon/sudo/plugins/sudoers/check.c	2013/07/22 10:46:12	1.1.1.4
+++ embedaddon/sudo/plugins/sudoers/check.c	2013/10/14 07:56:34	1.1.1.5
@@ -133,10 +133,10 @@ check_user(int validated, int mode)
      * Don't prompt for the root passwd or if the user is exempt.
      * If the user is not changing uid/gid, no need for a password.
      */
-    if (!def_authenticate || user_uid == 0 || user_is_exempt())
+    if (!def_authenticate || user_is_exempt())
 	goto done;
-    if (user_uid == runas_pw->pw_uid &&
-	(!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name))) {
+    if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
+	(!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name)))) {
 #ifdef HAVE_SELINUX
 	if (user_role == NULL && user_type == NULL)
 #endif