Bug 785

Summary: add two-man rule functionality to sudo
Product: Sudo Reporter: dcfix <darren.fix>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: NEW ---    
Severity: enhancement    
Priority: low    
Version: 1.8.19   
Hardware: PC   
OS: All   

Description dcfix 2017-05-04 10:28:39 MDT 
Thanks for this awesome program! I appreciate your work!

On May 4th, Amazon suffered a major outage when an authorized tech fat-fingered a command from their "playbook." This might have been avoided if a second authorized user was required to validate the command before it was executed. 

Background on the two-man rule can be found here: https://en.wikipedia.org/wiki/Two-man_rule

I propose that when a user runs the sudo command, the program will check the config file to see if the command being invoked is in the two-man (or dual-auth) list. If it's in the list, sudo grabs the timeout value from the config (30 second time out as the default.) Sudo then checks the log file to see if the **exact same command** had been issued by a **different user** within the timeout period. If it has, sudo runs the command. If not, sudo notifies the user that a second authorized user must execute the same command within the timeout window.