Comment 18 for bug 87023
Revision history for this message
| Removed by request (removed3425744) wrote | #18 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Thanks for the answer. If I'm not wrong ctime has a nanosecond resolution. The only way to abuse this is if:
- The tty/pts gets closed.
- The time adjusts to the past (for example due to ntp).
- The next opened console/terminal gets the same number and is created exactly at the same time.
While this is theoretically possible it should only be seen as an extremely rare race-condition. Also normally while the user opens a terminal, types sudo and enters his password at least a few seconds will be gone. Normally the adjustment of ntp is only a few milliseconds. If I'm not wrong here too ntp refuses to adjust the time to a too far point.
So this is a very nice security mechanism of sudo (does gksudo build on sudo too and benefit from this?).