sudo privileges should die faster
Chuck Vose
vosechu at gmail.com
Tue Dec 21 05:58:48 UTC 2004
Anyhow, getting back to the topic...
5 minutes is usually considered pretty good since someone trying to
access would have to be using the same terminal (ie: you can't use
tty4 instead of tty1) and would have to be darn quick about hitting
sudo passwd before you return from the potty.
Fortunately, if you're really worried you can change this or
invalidate it entirely. sudo -k or sudo -K will cause the next use of
sudo to require a password by editing or removing (respictively) the
timestamp.
Or if you just want to change the time you can edit the /etc/sudoers
file (with visudo) and change the timeout there. I don't know the
exact commands but I know it can be done.
In essence, the people that program this sort of thing are usually of
the paranoid penguin variety. Most likely there's only one or two
programs that're checked over by more security professionals than
sudo. I wouldn't worry too much, the choice is yours to simply delete
the damn thing anyways :)
-Chuck
More information about the ubuntu-users
mailing list