On Tue, Nov 15, 2005 at 01:31:26PM +0100, Jurzitza, Dieter wrote:
Nevertheless I cannot see a good reason to use 5 min password asking timeout as the default - I think that 0 min would be appropriate - whoever needs it shorter, can set it accordingly - but on his / her own risk.
When you have to run a bunch of different commands using sudo while tracking down a problem for users or something, that cache comes in mighty handy. It would waste far too much time to have to type a password every single time when you're in the middle of trying to fix something. Of course, to each his own.. but sudo has been around a long time and has had a lot of people looking at it's code for exploits. If you're worried about people jumping on your box if you walk away while the cache is still live... lock your console, exit the shell, whatever. -- Mike Marion-Unix SysAdmin/Staff Engineer-http://www.qualcomm.com [It's Halloween Kitty gives out raisins] Kids: "Ewwwww..." Kitty: "No, raisins are good for you. Raisins are nature's candy." [As soon as she closes the sliding glass door eggs hit it] Red: "..and eggs are nature's hand grenade. Kitty, don't give them raisins.. it just pisses them off."