[arch-general] Tired of being asked for a password for "su"? Arch has the solution
Mauro Santos
registo.mailling at gmail.com
Wed Mar 3 09:06:35 EST 2010
> Yes, same answer, you get owned. In fact, even with a password
> required, the "5 minute grace window" for sudo does you in - some bad
> guy just keeps trying to sudo, until you do it legitimately, thereby
> allowing it freely for 5 minutes, and then he's got root.
Isn't it possible to lock that to specific consoles with
"Defaults tty_tickets" in /etc/sudoers ? I guess that with the 5 min.
grace window will give a good balance between annoyance and security.
More information about the arch-general
mailing list