[sudo-workers] Parsing TTY information before checking user permission reg.

Vigneswaran R vignesh at atc.tcs.com
Wed Jun 7 22:49:00 MDT 2017


It appears that sudo is parsing the /proc/self/stat before checking 
whether the user is having permission to run sudo or not. Isn't it 
better if we do the parsing only after verifying the user permission?

Or is it done that way for some reasons (such as user verification and 
the subsequent command execution are tightly coupled)?



More information about the sudo-workers mailing list