Bug 186808 - sudo remembers passwd across gnome-terminals
sudo remembers passwd across gnome-terminals
Product: Fedora
Classification: Fedora
Component: sudo (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Karel Zak
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2006-03-26 12:58 EST by Simon Goodall
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-27 03:38:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Simon Goodall 2006-03-26 12:58:13 EST
Description of problem:
When I use sudo to run a priveleged command in gnome-terminal, I wish to close
the terminal so sudo cannot be used again. However if a new gnome-terminal is
started soon after and a sudo command is run, sudo does not ask for a password.

I have noticed that this has been a problem for a quite a few versions of
fedora. This seems like a minor security risk as I would expect sudo to work per
terminal and so closing a terminal would "forget" that sudo had previously been

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Open gnome-terminal and use sudo to execute a command (requiring passwd)
2. Close gnome-terimal.
3. Open new terminal(s)
4. run a new sudo command
Actual results:
sudo runs without requiring a passwd

Expected results:
sudo should ask for a password before continuing

Additional info:
Comment 1 Simon Goodall 2006-03-26 12:59:34 EST
this seems to be the case with xterm , and so persumably, other apps too.
Comment 2 Karel Zak 2006-03-27 03:38:53 EST
The password timestamp is not terminal specific and it's valid for all
terminals. You can disable this feature by timestamp_timeout=0 option in the
/etc/sudoers file. For more details see man sudo and man sudoers.

Note You need to log in before you can comment on or make changes to this bug.