Bug 437092 - Please include [sudo] in password prompt.
Summary: Please include [sudo] in password prompt.
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: sudo
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Peter Vrabec
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-03-12 12:19 UTC by Lennart Poettering
Modified: 2008-03-13 09:32 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-03-13 09:32:52 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Lennart Poettering 2008-03-12 12:19:12 UTC 
Debian/Ubuntu these days build sudo with --with-passprompt="[sudo] password for
%p: " which changes the sudo password prompt to include the string [sudo] which
allows the user to recognize *which* password you have to enter when you are
asked for one. This is especially useful if you do commands like "sudo
/usr/bin/passwd foo" where you sometimes are asked for three and sometimes for
two passwords, and you might never know which one is which. This will help users
making sure they don't enter their super-secret password in the wrong prompt,
possibly leaking that information to rogue programs.

Oh, and while we're at it: they also compile sudo with --with-timeout=15 which
in my experience makes sudo a lot more useful, while increasing the risk only
minimally. I think this option would be a good thing in Fedora, too.
Comment 1 Peter Vrabec 2008-03-13 09:32:52 UTC 
sudo-1.6.9p13-3.fc9 is built --with-passprompt

timeout=15, hmm I would appreciate some wider consensus about this :) Don't 
you want to start some discussion on fedora-devel? Personally, I don't have 
problems with 5minutes and if I want different timeout I'll set it up in 
sudores.
Note You need to log in before you can comment on or make changes to this bug.