[sudo-users] question about timestamp

ArameFarpado a-farpado.spam at netcabo.pt
Fri Jul 13 10:45:02 EDT 2007

Hi, during the timestamp when a user can sudo commands without re-typing the 
password, does sudo accept commands from any program has the UID of the same 
opened a konsole, launch a sudo command, typed password... then during 
timestamp the same user can launch more sudo commands whitout retyping the 
password. does this commands must be lauched from the same konsole or they 
could be lauch from another konsole or another program as long as they have 
been started by the same user?
in other words: can a program (like a game, whit secundary malware 
instructions) launch sudo commands during timestamp? as long as that game has 
the UID of the sudoer that launched the first sudo?

Or, does sudo detects and rejects sudo commands that wore lauched by another 
program, and only allow human typed commands?

Thanks a lot

More information about the sudo-users mailing list