On Thu, Jul 09, 2009 at 08:45:26PM -0400, Daenyth Blank wrote:
On Thu, Jul 9, 2009 at 20:25, Alessandro Doro<ordo.ad@gmail.com> wrote:
A simple workaround could be a "sudo -k" after each sudo invocation in the makepkg script.
I don't think there should be any such behavior added. All we do is follow the settings the user has established -- no more and no less. Let's not have our tools start second-guessing the users. We should always start with the assumption that the user is competant.
Competent and informed: I don't see a warning about potential¹ security issue in makepkg(8). Moreover the description of the '-s' option doesn't talk about the way root privileges are acquired². At least the sudo prompt should be customized, or is the user supposed to read the source (read: the user should not second-guess the tool)? Anyway I'm for discouraging the use of sudo for admnistrative tasks. bye ¹ Really theoretical, assuming that the user: · read the PKGBUILD, · trust the package source. ² Ok, ok... we all know it is obviuos.