sudo security concerns ?
Karl Hegbloom
hegbloom at pdx.edu
Thu Nov 25 21:59:31 CST 2004
On Thu, 2004-11-25 at 19:47 -0800, Karl Hegbloom wrote:
>
> Can sudo be configured, by default, to require a password EVERY time you
> run a sudo command?
Answering my own question, I find that adding ",timestamp_timeout=0" to
the end of the "Defaults" line in /etc/sudoers provides the desired
behaviour. Though it is slightly less convenient, I believe it is more
secure this way. Sooner or later, somebody out there will try and
exploit the sudo thing. This will make that harder to do.
Can this be made the default, please?
Hmmm. Now the root terminal won't work. It times out and fails to
launch the terminal after I enter my password. Perhaps gksu does not
implement 'timestamp_timeout'? Annoying.
--
Karl Hegbloom
(o_ mailto:hegbloom at pdx.edu
//\ jabber:karlheg at jabber.org
V_/_ yahoo:karlheg
More information about the ubuntu-devel
mailing list