From mboxrd@z Thu Jan 1 00:00:00 1970
From: John Shahid
Newsgroups: gmane.emacs.devel
Subject: Re: sudo:: method in tramp possible security issue
Date: Wed, 21 Nov 2018 09:55:27 -0500
Message-ID: <8736ruo4yo.fsf@gmail.com>
References: <87ftvwdcdw.fsf@gmx.de> <87bm6kdb68.fsf@gmx.de> <87bm6kyxc3.fsf@gmx.de> <87k1l83yd3.fsf@gmx.de> <87o9ajvost.fsf@gmx.de> <87198cbf-4e47-b094-8a06-7406114e86db@cs.ucla.edu> <888b347f-80f3-dbc2-9e88-74be3375b599@cs.ucla.edu> <878t1n2yll.fsf@gmx.de> <87d0qy98sc.fsf@gmx.de> <874lcao5gq.fsf@gmail.com> <87y39mo53r.fsf@gmx.de>
User-Agent: mu4e 1.1.0; emacs 27.0.50
Cc: Eli Zaretskii, Paul Eggert, emacs-devel, João Távora, Stefan Monnier
To: Michael Albinus
In-reply-to: <87y39mo53r.fsf@gmx.de>
Xref: news.gmane.org gmane.emacs.devel:231286

Michael Albinus writes:

> John Shahid writes:
>
> Hi John,
>
>> Is there a reason for doing a manual expiration instead of relying on
>> the default sudo behavior? If Tramp starts a new sudo shell, for example
>> to get file attributes, then sudo can take care of caching the password
>> or asking for it after the configured timeout. That would consolidate
>> the configuration in one place (i.e. /etc/sudoers for the timeout) as
>> well as let users manage the cache (e.g. sudo -k when the user logs out)
>> the same way they do today.
>
> The point is that Tramp (until now) keeps a session open forever. Tramp
> doesn't "start a new sudo shell for example to get file attributes".
> Therefore, there's no chance that sudo could ask for a password
> again. That's why the new mechanism interrupts the session after the
> session timeout, and opening a new one depends on sudo's mechanism for
> cached passwords.

That was the essence of my question. What is stopping us from starting a
new session as needed instead of keeping one around forever?