On Thu, Jul 09, 2009 at 03:00:49PM -0500, Aaron Griffin wrote: > On Thu, Jul 9, 2009 at 1:55 PM, Square<toolman33@xxxxxxxxx> wrote: > > I noticed this in my typical routine when installing AUR packages. > > 'makepkg -sic' is the typical command I use, and most of the time if > > dependencies are installed before building sudo doesn't time out > > before the install - meaning I do not have to re-enter a password > > for installing the package itself. This leaves a window where any > > time during the build process a command could have been executed > > with sudo and it would have went through without my knowledge. > > > > I do realize that it should be up to the user to validate all of the > > content, i.e. make sure everything is 'clean', but I thought I might > > bring it up for discussion. > > This is up to you to control. You can change the timeout in > /etc/sudoers by using the "password_timeout" (or is it > "passwd_timeout"?) option. A simple workaround could be a "sudo -k" after each sudo invocation in the makepkg script.
