|
|
Remove insecure root 'grace period' from sudo
The following should be added under defaults as well...
Remove insecure root 'grace period' from sudo
Once the grace period is zero, there is really no concern about TTY tickets--you're going to have to enter the password each time anyway, regardless of which TTY you're on.
Remove insecure root 'grace period' from sudo
Yes insults does not really need to be there. I just did a copy paste of what my servers have set.
Remove insecure root 'grace period' from sudo
By default, you've got "timestamp_timeout" amount of time from a password prompt to invoke "sudo" again without being prompted for a password.
With "tty_tickets", you're ticket is only good on a single TTY, if you change TTYs but are still within the timeout period, you'll have to type your password. So, by setting "timestamp_timeout" to 0, you must always enter a password, even if you do two sudos in a row on the same TTY:
tty_tickets isn't much help in securing things, because all Cocoa/Carbon apps run under the same TTY ("console"). So the only way to prevent something from taking advantage of you authenticating an installer is to clear the timeout and key the password multiple times instead. It Would Be Nice if you could set up timestamp_timeout on "console" to 0, but keep it at several minutes for /dev/tty*, so that your Terminal.app, xterm, iTerm.app, and so on windows work as usual. And yes, this is all standard-on-all-UNIXes behavior of sudo. The unusual thing is the way Apple has automatic sudo in several spots in the GUI. (And I'll give them credit for just using sudo, rather than inventing yet another tool for the job. Though it did expose the timestamp_timeout risk in a way that most sudo-ers don't anticipate--I've tightened up sudo on all my systems as a result.)
Remove insecure root 'grace period' from sudo
THANX for the clarification.
Remove insecure root 'grace period' from sudo
Um, sudo doesn't drop the ticket when you exit the shell (it doesn't even run at this point). But nevertheless, the tty_tickets option should be sufficient to disallow a malicious widget to run as root without losing the comfort of only having to authenticate about every 5 minutes. On a side remark, even with the sudo security issue solved, a malicious widget could still do quite some damage, like removing your home directory, so you should still be careful about which widgets you install.
Remove insecure root 'grace period' from sudo
The problem with just using tty_tickets is that everything in the GUI is under "console", except for terminal-type windows. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|