There are several ways to configure Confluence so that web-sudo (password-confirmation for admin options) is not available at all. See
CONF-20958. In 3.4 (maybe 3.3 too) setting any of these options prevents saving the security configuration.
When an admin tries to change the security configuration, they are always returned to the edit screen, and are given no feedback.
There is a bug in the security config validation where it checks for valid values of the websudo options, even though none are submitted from the form and none are used.
The worst part of this bug is that the validation is a field error, which would usually be displayed underneath the field with the error. Since the field is not displayed at all in this case, there is no feedback to the user about the validation problem at all.