Hilko BengenGreat job, Ubuntu!
$ sudo -v
/etc/sudoers.d/nobatch:3:10: unknown setting: 'requiretty'
Defaults requiretty
^~~~~~~~~~
Keith BöhlerI was reading some discussion on the sudo-rs now showing asterisks.
I don't hate that it does. I don't find that the rational to keep the typing hidden is really that strong. It reads like making a case for security by obscurity. Something which we all in the #foss world would already agree is a flaw.
Most traditions outlive their usefulness and assumptions that made them. Maybe this says we need more than just long passwords in systems that use sudo.
jomoFYI: The sudo-rs bug of leaking passwords on timeout is a general problem of line buffered stdin streams.
The `read` builtin suffers from the same problem.
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-c978-wq47-pvvw
schemeHa, Beweis erbracht! Nur weil man was in einer speichersicheren Sprache geschrieben hat, ist es noch lange nicht sicher!
Bis gestern konnte ich noch ein #sudo_rs-Passwort erlangen, wenn ich den Admin während der Eingabe desselbigen von der Tastatur weg gelockt habe. Voll gefährlich!
Da bleibt man doch lieber bei #C_ollectionOfAsmMacros, denn Milliarden von Entwicklerstunden können nicht irren! Nimm das, #CargoCult!
Harry SintonenThis is a reminder to everyone that security is more than just memory safety. https://www.phoronix.com/news/sudo-rs-security-ubuntu-25.10
