alacarte crashed with TypeError in on_item_tree_cursor_changed()

Binary package hint: alacarte

Hardy amd64

wanted to check the program associated with 'manage user and groups' by viewing the properties from main-menu. During this the application crashed.

Program is 'users-admin' and contains a security bug:

it ignores the setting in sudoers, where I have configured to use the 'target-password' instead of insecure 'user-password'. Here the line in 'sudoers:

Defaults !lecture,tty_tickets,!fqdn,targetpw,timestamp_timeout = 0

This definitely is a severe security issue, because it is absolutely useless to ask a user a second time for his password to gain administrative rights (he already logged in with the same PW).
I set up a genguine root-account, so I can use a simple password to comfortably log-in as a user, while the root-account is protected by a strong password. This password should be used to gain administrative rights!

ProblemType: Crash
Architecture: amd64
Date: Thu Feb 28 11:03:37 2008
DistroRelease: Ubuntu 8.04
ExecutablePath: /usr/bin/alacarte
InterpreterPath: /usr/bin/python2.5
NonfreeKernelModules: nvidia
Package: alacarte 0.11.4-0ubuntu1
PackageArchitecture: all
ProcCmdline: /usr/bin/python -OOt /usr/bin/alacarte
ProcEnviron:
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
PythonArgs: ['/usr/bin/alacarte']
SourcePackage: alacarte
Title: alacarte crashed with TypeError in on_item_tree_cursor_changed()
Traceback:
 Traceback (most recent call last):
   File "/usr/lib/python2.5/site-packages/Alacarte/MainWindow.py", line 437, in on_item_tree_cursor_changed
     item = items[iter][3]
 TypeError: could not parse subscript as a tree path
Uname: Linux 2.6.24-8-generic x86_64
UserGroups: adm admin audio cdrom dialout dip flohostnamey lpadmin netdev plugdev powerdev scanner uml-net vboxusers video