[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: sudo:: method in tramp possible security issue
From: |
John Shahid |
Subject: |
Re: sudo:: method in tramp possible security issue |
Date: |
Wed, 21 Nov 2018 09:55:27 -0500 |
User-agent: |
mu4e 1.1.0; emacs 27.0.50 |
Michael Albinus <address@hidden> writes:
> John Shahid <address@hidden> writes:
>
> Hi John,
>
>> Is there a reason for doing a manual expiration instead of relying on
>> the default sudo behavior. If tramp start a new sudo shell for example
>> to get file attributes, then sudo can take care of caching the password
>> or asking for it after the configured timeout. That would consolidate
>> the configuration in one place (i.e. /etc/sudoers for the timeout) as
>> well as let users manage the cache (e.g. sudo -k when the user logs out)
>> the same way they do today.
>
> The point is that Tramp (until now) keeps a session open forever. Tramp
> doesn't "start a new sudo shell for example to get file attributes".
> Therefore, there's no chance that sudo could ask for a password,
> again. That's why the new mechanism interrupts the session after the
> session timeout, and opening a new one depends on sudo's mechanism for
> cached passwords.
That was the essence of my question. What is stopping us from starting
a new session as needed instead of keeping one around forever ?
- Re: sudo:: method in tramp possible security issue, (continued)
- Re: sudo:: method in tramp possible security issue, Stefan Monnier, 2018/11/20
- Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/20
- Re: sudo:: method in tramp possible security issue, João Távora, 2018/11/20
- Re: sudo:: method in tramp possible security issue, Stefan Monnier, 2018/11/20
- Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/21
- Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/21
- Re: sudo:: method in tramp possible security issue, Filipp Gunbin, 2018/11/21
- Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/21
- Re: sudo:: method in tramp possible security issue, John Shahid, 2018/11/21
- Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/21
- Re: sudo:: method in tramp possible security issue,
John Shahid <=
- Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/21
Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/20
Re: sudo:: method in tramp possible security issue, Michael Albinus, 2018/11/20