On Tuesday 16 October 2018 11:37:44 Greg Wooledge wrote: > On Tue, Oct 16, 2018 at 11:28:44AM -0400, Gene Heskett wrote: > > Since leaving a sudo -i laying about is considered a security > > breach, I'm amazed that the -i option doesn't accept a timeout. Say > > in seconds, as if you think it will take 5 minutes to do the job as > > root, sudo -i300, at the ends of which it expires. > > You could set the TMOUT variable in the resulting shell, either > manually or by a setting in some rc file (e.g. /root/.bashrc if that's > what the shell reads).
Okayyy, TMOUT=30, and 30 seconds later it does time out, returning me to my user prompt. And I ran synaptic and it didn't time out till 30 secs after I had quit synaptic which leaves an exploitable hole. Synaptic took way more, than the 30 I set TMOUT to. Ideally it should have returned to the users prompt at the synaptic exit, or would that leave trash behind? Anyway, many thanks for the schooling, Greg. Even after 20 years, I hadn't heard of that before. -- Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>
