sudo and /etc/sudoers
jshholland at googlemail.com
Sun Dec 28 00:04:54 UTC 2008
On Sun, 2008-12-28 at 10:01 +1000, Res wrote:
> eerrrr sudo caches auth timestamp as you mentioned, its a security risk if
> you close the window, and someone opens it up when you go for a coffee
> and types sudo -i and has a root on your box, no passwd required, sure
> youd have to be unlucky, but it by default exists, at elast when I logout,
> no one gets root axs here.
Sorry to keep this thread alive but 'sudo -k' kills the timestamp.
Josh Holland aka madmartian
Find me on #ubuntu-uk
My system: Dell Inspiron 1300 with fully up-to-date Intrepid
Intel Celeron M 1.70 GHz, 512 MB
More information about the ubuntu-users