cross-platform virus

[John]

Peter Garrett wrote:
> On Sun, 09 Apr 2006 21:12:09 +1000
> Sasha Tsykin <stsykin at gmail.com> wrote:
> 
> 
>>Yuki Cuss wrote:
>>
>>>On Sun, 2006-04-09 at 10:49 +1000, Peter Garrett wrote:
>>>
>>>>Indeed, you are right - perhaps the sudo "ticket" in this case should
>>>>apply only for the app concerned. Not sure if that is possible, but this
>>>>does look like a loophole.... Any app requiring sudo seems to open happily
>>>>without a password  if started after, say, synaptic during the time out
>>>>period.   : (  ...
>>>
>>>Not a loophole at all; that's the entire *point* of sudo - that it won't
>>>ask for another password. That usefulness is greatly reduced when you
>>>start saving tokens per-program/command line.
>>>
>>> - Yuki.
>>>
>>
>>But it is at least arguable that this is an insecure practice. It may be 
>>"the point," but that does not make it a good idea necessarily.

bash can be configured to run stuff when users logout.

One imagins gksudo (and the KDE equivalent) could be altered to run 
stuff when they end.

sudo can be run to delete its tickets.



>>
>>Sasha
> 
> 
> Actually, saying that it is "the entire point" strikes me as fairly absurd.
> The "sudo" method has historically been used mainly as a way to avoid
> having to dish out root privlleges, and as a way to exert control over who

For that, it's fairly limited. For example, one who can create accounts 
can control the entire system by creating a user accound with uid=0

> is permitted which privileges in an organisation.
> 
> Peter
> 
> P.S. Again, Sasha, and Yuki - why are you sending direct and CC ing the
> list? It is incredibly annoying, as Cybe R. Wizard has pointed out.
> 
> Nobody else seems to do it, and a normal "Reply to List" just sends back

Many email clients do no have "reply to list." Until they have, the 
proper configuration for the list is one that works for most common 
email clients - set reply-to:.