Bug 167 - Files in /var/run/sudo remain after user has logged out
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Sudo
Version: 1.6.8
Hardware: PC Linux
Importance: low enhancement
Assigned To: Todd C. Miller
Duplicates: 219
Reported: 2005-02-02 05:09 MST by Joachim Nilsson
Modified: 2010-06-18 16:22 MDT
Description Joachim Nilsson 2005-02-02 05:09:50 MST
Hi!

This is a minor annoyance only.  I feel it's a bit unsafe to not remove the file
/var/run/sudo/$USER after the user has logged out.  Logging in again in a short
enough time frame will allow that user to use sudo again.  

It's a bit outside the scope of the sudo package, but consider a user logging in
to a remote host to sudo a command. The user logged in using insecure telnet
and the password got snooped. The attacker monitors the connection and logs in
posing as the user and could potentially get root access because the $USER file
in /var/run/sudo/ still remained.

There are a lot of flaws to my reasoning above, but I think you get my point.

Maybe a note in the man page could be inserted about this so site admins could
add some cleanup script to each user's .bash_logout or such. Again, probably not
a suitable solution to use .bash_logout but you get my drift by now.

Regards
 /Jocke
Comment 1 Todd C. Miller 2008-11-06 07:45:28 MST
*** Bug 219 has been marked as a duplicate of this bug. ***
Comment 2 Todd C. Miller 2010-06-18 16:22:50 MDT
Beginning with version 1.7.3, sudo can detect when a timestamp file is older than the user's login session on Linux with the devpts filesystem when tty tickets are in use.
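An added illustration of the session check described in Comment 2 (example code written for this page, not sudo's implementation): a per-tty ticket is only honoured if it is within the timeout and not older than the ctime of the session's tty node. It assumes that devpts sets the pty node's ctime when the pty is allocated at login; the function names and the `build_demo` fixture of stand-in files are constructed for the example.

```python
import os
import tempfile
import time
from dataclasses import dataclass

NS = 10**9  # nanoseconds per second

@dataclass
class Verdict:
    valid: bool
    reason: str

def timestamp_predates_session(ticket_mtime_ns, tty_ctime_ns):
    """A ticket written before the tty node was created belongs to an earlier login."""
    return ticket_mtime_ns < tty_ctime_ns

def check_tty_ticket(ticket_path, tty_path, timeout_s=300, now_ns=None):
    """Decide whether a per-tty ticket may still waive the password. It is
    rejected when missing, older than timeout_s, or older than the ctime of
    the session's tty node (assumed to be set when devpts allocates the pty)."""
    now_ns = time.time_ns() if now_ns is None else now_ns
    try:
        ticket = os.stat(ticket_path)
    except FileNotFoundError:
        return Verdict(False, "no ticket")
    if now_ns - ticket.st_mtime_ns > timeout_s * NS:
        return Verdict(False, "ticket expired")
    try:
        tty = os.stat(tty_path)
    except FileNotFoundError:
        return Verdict(False, "tty missing")
    if timestamp_predates_session(ticket.st_mtime_ns, tty.st_ctime_ns):
        return Verdict(False, "ticket older than tty session")
    return Verdict(True, "ticket current for this session")

def touch_ticket(path, mtime_ns):
    """Set a ticket's mtime; sudo refreshes a ticket by touching it."""
    os.utime(path, ns=(mtime_ns, mtime_ns))

def build_demo():
    """Constructed stand-ins (not real devices): a fake tty node and a fake
    ticket in a temp dir. Returns (ticket_path, tty_path, tty_ctime_ns)."""
    d = tempfile.mkdtemp()
    tty, ticket = os.path.join(d, "pts0"), os.path.join(d, "alice")
    for p in (tty, ticket):
        open(p, "w").close()
    return ticket, tty, os.stat(tty).st_ctime_ns
```

Without tty tickets there is no per-session tty to compare against, so this check cannot tell a fresh login from the one that created the ticket.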