Ubuntu
bash package

Introduction to sudo on first use.

Bug #65541 reported by Joseph Price
6
Affects Status Importance Assigned to Milestone
bash (Ubuntu)
Confirmed
Wishlist
Unassigned

Bug Description

Although sudo is explain on first launch of the terminal, i feel that it should stay there for more launches... say 10.

I've seen 3 people on ubuntuforum.org already today asking for help on enabling the root account and feel that they could be helped if this information was displayed longer.

Pricey

Revision history for this message
Gabriel Puliatti (predius) wrote :

Thanks for your report. Your idea might get more attention and have
the possibility of being implemented if you would submit a
specification for this.

You should first check whether it already exists at the Ubuntu specs
page (https://launchpad.net/distros/ubuntu/+specs) in Launchpad. If
that is the case, feel free to contact the drafter of that spec about
your comments/suggestions. Otherwise you can start writing a spec
following the steps described in
        https://wiki.ubuntu.com/FeatureSpecifications.

Changed in sudo:
status: Unconfirmed → Rejected
Revision history for this message
Martin Pitt (pitti) wrote :

Reopening again, such a small issue doesn't really warrant a spec. Even if it would, the bug should be open.

Changed in sudo:
importance: Undecided → Wishlist
status: Rejected → Confirmed
Revision history for this message
Joseph Price (pricechild) wrote :

I've given it a spec anyway: https://features.launchpad.net/distros/ubuntu/+spec/gnome-terminal-sudo-info

Revision history for this message
Thomas Hood (jdthood) wrote :

Something that should be explained to people using sudo for the first time is that sudo makes the terminal in which it is run vulnerable to malware after sudo has been used to run any command. (After the user does, e.g., "sudo tail /var/log/syslog", any other command the user runs in the same terminal can itself use sudo to elevate its privileges, until the timeout expires.) Users should perhaps be advised to run third party scripts only in freshly launched terminals.

Revision history for this message
Martin Pitt (pitti) wrote : Re: [Bug 65541] Re: Introduction to sudo on first use.

Thomas Hood [2009-04-12 17:14 -0000]:
> Something that should be explained to people using sudo for the first
> time is that sudo makes the terminal in which it is run vulnerable to
> malware after sudo has been used to run any command. (After the user
> does, e.g., "sudo tail /var/log/syslog", any other command the user runs
> in the same terminal can itself use sudo to elevate its privileges,
> until the timeout expires.) Users should perhaps be advised to run
> third party scripts only in freshly launched terminals.

That wouldn't help really. First, your own user account has _much_
more interesting personal data than root's, and second, once you have
a local user account which can (and does from time to time), you lost
already, since that malware can always install aliases, fake gksu's,
and other tricks to lure you into giving away your password.

Andrea Corbellini (andrea.corbellini)
affects: sudo (Ubuntu) → bash (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.