Comment 22 for bug 1219337

Mark Smith (tntc-tig) wrote :

It's a bit more complicated than that, but not much: Sudo stores the SID in the authentication file. However, setsid is installed by default, so you can just launch processes with new SIDs until you get a match. You can either run setsid and sudo a bunch and hope that you match up, or you can look up the SID (also found in auth.log) and match that without running sudo. It's not trivial, but it's certainly doable.