[Bug 802997] Re: sudo login cache is retained even after user logs out

Alex 802997 at bugs.launchpad.net
Tue Jun 28 14:19:20 UTC 2011 

sudo is designed to keep a "ticket" valid for 15 minutes after you use
your password the first time. This is configurable.


Please read man sudoers:

timestamp_timeout
    Number of minutes that can elapse before sudo will ask
    for a passwd again.  The default is 15.  Set this to 0
    to always prompt for a password.  If set to a value
    less than 0 the user’s timestamp will never expire.
    This can be used to allow users to create or delete
    their own timestamps via sudo -v and sudo -k respec‐
    tively.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/802997

Title:
  sudo login cache is retained even after user logs out

Status in “sudo” package in Ubuntu:
  Invalid

Bug description:
  When running sudo 2x in a short period, the second attempt uses cached
  credentials. That's all fine and good, but watch this:

  [stephan at cheyenne:~/tmp]$ ssh imat-dev
  stephan at infomat-dev:~$ sudo su -
  root at infomat-dev:~# 

  Summary:

  a) i sudo'd to root. i was asked for a password, as expected.
  b) i finished my work and logged out from root, then logged off of the remote system.
  c) A few moments later i logged in again to the remote system and did 'sudo su -'.
  d) i expected to be asked for my password, but the old credentials from my _previous_ login were reused.

  IMO the credentials should be invalidated if the user logs out. The
  current behaviour is highly questionable. i would rather it not cache
  at all than to keep the cache valid after i log out.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.10
  Package: sudo 1.7.2p7-1ubuntu2.1
  ProcVersionSignature: Ubuntu 2.6.35-28.50-generic 2.6.35.11
  Uname: Linux 2.6.35-28-generic x86_64
  NonfreeKernelModules: fglrx
  Architecture: amd64
  Date: Tue Jun 28 15:45:13 2011
  InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
  ProcEnviron:
   PATH=(custom, user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: sudo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/802997/+subscriptions

More information about the foundations-bugs mailing list