lcavalheiro
(usa Slackware)
Enviado em 11/03/2016 - 00:49h
listeiro_037 escreveu:
Se eu nçao me engano é o LINUX PAM que dá esse tempo.
Como eu não mexo sempre não sei certificar agora como se mexe nestes 15 minutos.
----------------------------------------------------------------------------------------------------------------
http://24.media.tumblr.com/tumblr_m62bwpSi291qdlh1io1_250.gif
# apt-get purge systemd (não é prá digitar isso!)
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it. — Edward Snowden
O sudo não depende do pam, pode usá-lo ou não. Cito a manpage do sudoers do Slackware:
By default, the env_reset option is enabled. This causes commands to be
executed with a new, minimal environment. On AIX (and Linux systems
without PAM), the environment is initialized with the contents of the
/etc/environment file. The new environment contains the TERM, PATH,
HOME, MAIL, SHELL, LOGNAME, USER, USERNAME and SUDO_* variables in addi
tion to variables from the invoking process permitted by the env_check
and env_keep options. This is effectively a whitelist for environment
variables. Environment variables with a value beginning with () are
removed unless both the name and value parts are matched by env_keep or
env_check, as they will be interpreted as functions by older versions of
the bash shell. Prior to version 1.8.11, such variables were always
removed.
O tempo padrão do sudo é 5min, pelo menos no Slackware. Cito a manpage do sudo no Slackware:
The security policy determines what privileges, if any, a user has to run
sudo. The policy may require that users authenticate themselves with a
password or another authentication mechanism. If authentication is
required, sudo will exit if the user's password is not entered within a
configurable time limit. This limit is policy-specific; the default
password prompt timeout for the sudoers security policy is 5 minutes.
Na mesma manpage ensina como usar o sudoers para definir o tempo durante o qual as credenciais do usuário serão válidas pro sudo. Em sistemas que tenham o pam e que o sudoers seja instruído a carregar os módulos do pam, essa configuração se dá pelo pam; do contrário, pelo sudoers.
--
Dino®
Vi veri universum vivus vici
Public GPG signature: 0x246A590B
Só Slackware é GNU/Linux e Patrick Volkerding é o seu Profeta