[sudo-workers] Parsing TTY information before checking user permission reg.
vignesh at atc.tcs.com
Wed Jun 7 22:49:00 MDT 2017
It appears that sudo is parsing the /proc/self/stat before checking
whether the user is having permission to run sudo or not. Isn't it
better if we do the parsing only after verifying the user permission?
Or is it done that way for some reasons (such as user verification and
the subsequent command execution are tightly coupled)?
More information about the sudo-workers