This report is now a few years old and I'm seeing an interesting behavior of sudo:
1. First I'm Cleaning /var/lib/sudo/$USER as root with "rm -rf /var/lib/sudo/sworddragon/*".
2. Then I'm opening a terminal with my user account.
3. Typing tty returns /dev/pts/2.
4. Then I'm typing "sudo true" and entering my correct password.
5. Typing "md5sum /var/lib/sudo/sworddragon/2" as root returns "6ec673eac24f4e2fc0c5fa149eebfcef /var/lib/sudo/sworddragon/2"
6. Then I'm closing the terminal on /dev/pts/2 and opening it again.
7. Typing tty returns /dev/pts/2.
8. On typing sudo true I'm asked again for my password.
9. Instead of typing my password I'm typing now as root again "md5sum /var/lib/sudo/sworddragon/2" which returns "6ec673eac24f4e2fc0c5fa149eebfcef /var/lib/sudo/sworddragon/2".
10. Typing "ls -a /var/lib/sudo/sworddragon" as root returns ". .. 2".
This means even on getting the same pts without expiring of /var/lib/sudo/sworddragon/2 sudo asks me for my password. Can somebody tell me where is hiding the security mechanism here? Also are the cases in this ticket still a problem or are they maybe already fixed?
This report is now a few years old and I'm seeing an interesting behavior of sudo:
1. First I'm Cleaning /var/lib/sudo/$USER as root with "rm -rf /var/lib/ sudo/sworddrago n/*". sudo/sworddrago n/2" as root returns "6ec673eac24f4e 2fc0c5fa149eebf cef /var/lib/ sudo/sworddrago n/2" sudo/sworddrago n/2" which returns "6ec673eac24f4e 2fc0c5fa149eebf cef /var/lib/ sudo/sworddrago n/2". sudo/sworddrago n" as root returns ". .. 2".
2. Then I'm opening a terminal with my user account.
3. Typing tty returns /dev/pts/2.
4. Then I'm typing "sudo true" and entering my correct password.
5. Typing "md5sum /var/lib/
6. Then I'm closing the terminal on /dev/pts/2 and opening it again.
7. Typing tty returns /dev/pts/2.
8. On typing sudo true I'm asked again for my password.
9. Instead of typing my password I'm typing now as root again "md5sum /var/lib/
10. Typing "ls -a /var/lib/
This means even on getting the same pts without expiring of /var/lib/ sudo/sworddrago n/2 sudo asks me for my password. Can somebody tell me where is hiding the security mechanism here? Also are the cases in this ticket still a problem or are they maybe already fixed?