Red Hat Bugzilla – Bug 437092
Please include [sudo] in password prompt.
Last modified: 2008-03-13 05:32:52 EDT
Debian/Ubuntu these days build sudo with --with-passprompt="[sudo] password for
%p: " which changes the sudo password prompt to include the string [sudo] which
allows the user to recognize *which* password you have to enter when you are
asked for one. This is especially useful if you do commands like "sudo
/usr/bin/passwd foo" where you sometimes are asked for three and sometimes for
two passwords, and you might never know which one is which. This will help users
making sure they don't enter their super-secret password in the wrong prompt,
possibly leaking that information to rogue programs.
Oh, and while we're at it: they also compile sudo with --with-timeout=15 which
in my experience makes sudo a lot more useful, while increasing the risk only
minimally. I think this option would be a good thing in Fedora, too.
sudo-1.6.9p13-3.fc9 is built --with-passprompt
timeout=15, hmm I would appreciate some wider consensus about this :) Don't
you want to start some discussion on fedora-devel? Personally, I don't have
problems with 5minutes and if I want different timeout I'll set it up in