Isn’t it enough to just enter your password once to login, then receive a warning whenever you’re about to do something potentially dangerous?

If it’s such a big security risk, how come the most popular and widely used operating systems in the world and their users seem to be unaffected by it?

I guarantee, most new users coming to Linux from Windows/macOS are going to laugh and look at you funny if you try to justify entering your password again and again and again.

  • Markaos
    link
    fedilink
    arrow-up
    3
    ·
    7 months ago

    Also, some programs, such as many terminal emulators, can cache you PW so you don’t have to enter it multiple times.

    Terminal emulators don’t (or at least shouldn’t) do any such thing. sudo itself is responsible for letting you do privilege escalation without password for some time after successfully passing once - whenever you run it and successfully authenticate, it saves your user id, current time and a session identifier (each open shell gets a unique identifier) into a file. Then, when you attempt to do anything, it will check this file to see if you’ve if you’ve authenticated within the last few minutes in this terminal, and only ask for a password if you haven’t.

    For more info, see man sudoers_timestamp