Comment 3 for bug 87023

Kees Cook (kees) wrote :

Thanks for this well-described bug report! I wonder if some people would describe the "authenticated old tty" issue as a "feature"? I would tend to agree, though, that it is surprising to open a terminal and not get prompted. I find your "Issue 2" the most compelling -- this should not be allowed to happen.

As you've hinted, the "original" solution, in the design of sudo in general, was for users to add "sudo -K" to their ~/.bash_logout file. However, I suspect that isn't a proper solution (especially for gksu/kdesu). I haven't checked, but if udev receives notifications about pts devices being removed, perhaps it could be responsible for running "sudo -K" (or something similar)? That might solve all three scenarios, though I'm curious about the double pts allocation with kdesu.