Ubuntu: Does Ubuntu store sudo password in cache? [duplicate]



Question:

This question already has an answer here:

If we fire a command with sudo in terminal, it asks for password for the first time and if we fire another command with sudo immediately in same terminal, it won't ask for password again. Why is it so ?

Does Ubuntu store the sudo password for sometime in cache? Can anyone else (another program/malware) use that password during that time span ?


Solution:1

Why is it so? Comfort I guess. You wouldn't use sudo if you had to type your password every 2 seconds.

sudo does not remember your password. sudo remembers the date, user and terminal. If a sudo command in the same terminal is executed by the same user in a short period of time (15 minutes by default), sudo just doesn't ask for the password again.

sudo needs your password to make sure you are really you, and not someone else while you're away drinking coffee. it does not need your password to switch to root, since it runs as root.

If, from the same terminal, you run some malware within the grace period, the malware may be able to sudo without a password.

You may use sudo -k to invalidate the cache.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »