LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

People's reaction to this is just stupid.

People's reaction to this is just stupid.

Posted Nov 20, 2009 2:29 UTC (Fri) by khc (subscriber, #45209)
In reply to: People's reaction to this is just stupid. by drag
Parent article: Fedora 12 lets unprivileged users install packages

If you run sudo from one console then that gives unlimited root access to any sudo command without prompting for a password for a period of time for every instance of that user's account.
That is not true (at least by default) in ubuntu. If I give sudo password in one terminal, running it again *in another terminal* requires me to enter the password again.

(Log in to post comments)

People's reaction to this is just stupid.

Posted Nov 20, 2009 2:36 UTC (Fri) by foom (subscriber, #14868) [Link]

That does nothing for security, however. There is no security barrier between two terminals running
as the same UID: The second terminal is just a ptrace() away from making the first terminal run
sudo for it...

People's reaction to this is just stupid.

Posted Nov 20, 2009 12:26 UTC (Fri) by hppnq (guest, #14462) [Link]

You can't ptrace() sudo, and you can't run sudo with suid if the parent is traced. It is not that stupid. ;-)

(Obviously, if you have a terminal you have other ways to snoop passwords.)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds