Isn’t it enough to just enter your password once to login, then receive a warning whenever you’re about to do something potentially dangerous?

If it’s such a big security risk, how come the most popular and widely used operating systems in the world and their users seem to be unaffected by it?

I guarantee, most new users coming to Linux from Windows/macOS are going to laugh and look at you funny if you try to justify entering your password again and again and again.

  • UnfortunateShort@lemmy.world
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    6 months ago

    You do need to authorize admin action on Windows and it causes severe security issues, because people do it without thinking all the time.

    You can also configure Linux to have this behaviour, but for security reasons it works differently out of the box. Also, some programs, such as many terminal emulators, can cache you PW so you don’t have to enter it multiple times.

    I use a U2F key for sudo and it’s just one touch. One touch you need to sit in front of my computer for.

    • Markaos
      link
      fedilink
      arrow-up
      3
      ·
      6 months ago

      Also, some programs, such as many terminal emulators, can cache you PW so you don’t have to enter it multiple times.

      Terminal emulators don’t (or at least shouldn’t) do any such thing. sudo itself is responsible for letting you do privilege escalation without password for some time after successfully passing once - whenever you run it and successfully authenticate, it saves your user id, current time and a session identifier (each open shell gets a unique identifier) into a file. Then, when you attempt to do anything, it will check this file to see if you’ve if you’ve authenticated within the last few minutes in this terminal, and only ask for a password if you haven’t.

      For more info, see man sudoers_timestamp