Bug 85967 - Sudo timestamps survive a system reboot
Summary: Sudo timestamps survive a system reboot
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: sudo (Show other bugs)
(Show other bugs)
Version: 8.0
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Thomas Woerner
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-03-11 17:38 UTC by Randall Wood
Modified: 2007-04-18 16:51 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-04-23 10:31:28 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Randall Wood 2003-03-11 17:38:15 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020830

Description of problem:
sudo timestamp files survive a system reboot. A workstation restarted using
"shutdown -rf now" can reboot within the 5 minute life of a sudo authentication
ticket. If a user logs in on the same terminal, sudo's ticket remains valid.

Version-Release number of selected component (if applicable):
sudo-1.6.6-1

How reproducible:
Always

Steps to Reproduce:
1.valid sudo user enters sudo /sbin/shutdown -rf now with valid password
2.if user logins to same terminal immediately after reboot, sudo -v does not
require authentication.
    

Actual Results:  I was required to authenticate myself

Expected Results:  I should have be required to authenticate

Additional info:

This bug has been submited to http://www.sudo.ws/sudo/bugs/show_bug.cgi?id=101

Comment 1 Mark J. Cox 2003-04-23 10:31:28 UTC
Sudo timestamp files are kept in /var/tmp/sudo.  The /etc/rc.d/rc.sysinit file
as part of the initscripts package shipped with 8.0 does not clean out the
/var/tmp/sudo directory.  The initscripts package shipped with Red Hat Linux 9
has been updated to clear out the /var/tmp/sudo directory.


Note You need to log in before you can comment on or make changes to this bug.