Re: What can't sudo do?
On Mon, Mar 15, 2004 at 02:52:49PM -0800, Bill Moseley wrote:
> If I use sudo (to
> try and provide most admin functions) then I would worry because my
> normal account then has more privileges that I'd want. Then someone only
> need to gain access to my account instead of root.
I assume you're not using the NOPASSWD tag; I dislike it for the same
reasons you seem to. When not using NOPASSWD, you're prompted for a
password only if 15 minutes has passed since you last used sudo. (The
delay is configurable; see sudoers(5) for timestamp_timeout.) When
you're done, just run 'sudo -k' to invalidate the timestamp as if 15
minutes had elapsed. After this, no one can use your sudo privileges
without re-entering the password.
Gregory K. Johnson
favorites: Vim, Mutt, LaTeX, Zsh, screen or Fluxbox, Python or C,
Linux, Debian, the GPL, man pages, RPN, HP 48/49, PSION 5mx