...it can, maybe have you wondering about, how secure your desktop really is.
The message 'Granted permissions without asking for password' is not too serious when the explanation is read in full, but it does grab your attention :)
What is happening is that an authentication password you have entered has been cached, and is now being reused.
The output above shows an example of what is happening in the background. It shows
gksudobeing called with the message "Wicd needs to access your computer's network cards", but instead of showing you the message, your system is taking advantage of a cached sudo password (
This is designed to add some convenience to your desktop, but does not suit everyone.
Now some might shout 'security risk' or 'insecure desktop', but as with most things Linux, it can always be changed to suit individual needs (see next section)
timestamp_timeout of If you feel the sudo password caching is too much for your taste then
you can enter your own preference in the file
timestamp_timeout=1will ensure passwords are only cached for a minute.
The screenshot above does not show me actually making the change, but rather I provide examples of how the relevant line in
The first line beginning Defaults, is how thing are right now. Sudo is using the default caching time (15 minutes or 5 minutes according to various forum postings )
The last line shows how the line in
/etc/sudoersshould look in order to have 1 minute caching.
The guide here shows you how to use
sudo -Kto empty out a cached password
( helpful if you are about to walk away from a shared desktop machine )
There are several guides to walk you through the editing of
/etc/sudoers, they tend to be editor specific and here is one for
Although the command itself is named
visudo, you can use
update-alternativescommand to have emacs editing as follows:
update-alternatives --config editor
( pick the number corresponding to emacs, and you have emacs editing of sudoers next time you run