sudo lecture and sudo password prompt caching timeout
Todd C. Miller
Todd.Miller at courtesan.com
Sat Apr 5 14:17:50 EST 2003
In message <200304051536.h35Fajq01495 at mailgate5.cinetic.de>
so spake (devzero):
> I want to enforce that there is no passwort caching timeout so that
> users ( maybe some - not all ) ALWAYS need to provide their password
> if "PASSWD" is specified in /etc/sudoers. At the current time, I
> can only modify that behaviour at "configure" time on a global
> basis. I would wish, that I can put that into a config file, too.
> (and if possible on a per-user basis) This was an issue on this
> list some time ago (http://www.sudo.ws/mailman/htdig/sudo-
> workers/2000-November/000146.html). I also think, this is an
> "inconsistency" because it will confuse some users (i have made
> that experience - I need to explain "sudo details" to users which
> I won`t need to explain, if that behaviour wouldn`t be there)
A line like the following in sudoers will cause sudo to always prompt
for a password:
Default timestamp_timeout=0
For more information, see the sudoers man page.
- todd
More information about the sudo-users
mailing list