On Thu, Jul 9, 2009 at 3:37 PM, Thomas Bächler<thomas@xxxxxxxxxxxxx> wrote: > Aaron Griffin schrieb: >> >> On Thu, Jul 9, 2009 at 1:55 PM, Square<toolman33@xxxxxxxxx> wrote: >>> >>> I noticed this in my typical routine when installing AUR packages. >>> 'makepkg -sic' is the typical command I use, and most of the time if >>> dependencies are installed before building sudo doesn't time out before the >>> install - meaning I do not have to re-enter a password for installing the >>> package itself. This leaves a window where any time during the build process >>> a command could have been executed with sudo and it would have went through >>> without my knowledge. >>> >>> I do realize that it should be up to the user to validate all of the >>> content, i.e. make sure everything is 'clean', but I thought I might >>> bring it up for discussion. >> >> This is up to you to control. You can change the timeout in >> /etc/sudoers by using the "password_timeout" (or is it >> "passwd_timeout"?) option. > > I agree. The question is not about makepkg security, but about sudo > security. And frankly, sudo is a security desaster in its default > configuration. Any suggestions for changing / shipping a better default config file? I know little about the security implications of this, but I think we should ship a decent default if possible.
