On Thu, Jul 09, 2009 at 08:45:26PM -0400, Daenyth Blank wrote: > On Thu, Jul 9, 2009 at 20:25, Alessandro Doro<ordo.ad@xxxxxxxxx> wrote: > > A simple workaround could be a "sudo -k" after each sudo invocation in > > the makepkg script. > > > > I don't think there should be any such behavior added. All we do is > follow the settings the user has established -- no more and no less. > Let's not have our tools start second-guessing the users. We should > always start with the assumption that the user is competant. Competent and informed: I don't see a warning about potential¹ security issue in makepkg(8). Moreover the description of the '-s' option doesn't talk about the way root privileges are acquired². At least the sudo prompt should be customized, or is the user supposed to read the source (read: the user should not second-guess the tool)? Anyway I'm for discouraging the use of sudo for admnistrative tasks. bye ¹ Really theoretical, assuming that the user: · read the PKGBUILD, · trust the package source. ² Ok, ok... we all know it is obviuos.
