[sudo-users] question about timestamp
ArameFarpado
a-farpado.spam at netcabo.pt
Fri Jul 13 10:45:02 EDT 2007
Hi, during the timestamp when a user can sudo commands without re-typing the
password, does sudo accept commands from any program has the UID of the same
user?
example:
opened a konsole, launch a sudo command, typed password... then during
timestamp the same user can launch more sudo commands whitout retyping the
password. does this commands must be lauched from the same konsole or they
could be lauch from another konsole or another program as long as they have
been started by the same user?
in other words: can a program (like a game, whit secundary malware
instructions) launch sudo commands during timestamp? as long as that game has
the UID of the sudoer that launched the first sudo?
Or, does sudo detects and rejects sudo commands that wore lauched by another
program, and only allow human typed commands?
Thanks a lot
ArameFarpado
More information about the sudo-users
mailing list