sudo lecture and sudo password prompt caching timeout

Todd C. Miller Todd.Miller at
Sat Apr 5 14:17:50 EST 2003

In message <200304051536.h35Fajq01495 at>
	so spake  (devzero):

> I want to enforce that there is no passwort caching timeout so that
> users ( maybe some - not all ) ALWAYS need to provide their password
> if "PASSWD" is specified in /etc/sudoers.  At the current time, I
> can only modify that behaviour at "configure" time on a global
> basis.  I would wish, that I  can put that into a config file, too.
> (and if possible on a per-user basis) This was an issue on this
> list some time ago (
> workers/2000-November/000146.html). I also think, this is an
> "inconsistency" because it will confuse some users (i have made
> that experience - I need to explain "sudo details" to users which
> I won`t need to explain, if that behaviour wouldn`t be there)

A line like the following in sudoers will cause sudo to always prompt
for a password:
    Default	timestamp_timeout=0

For more information, see the sudoers man page.

 - todd

More information about the sudo-users mailing list