$ man sudo

On Mon, Oct 8, 2012 at 4:19 PM, Alvaro Mantilla Gimenez
<alv...@alvaromantilla.com> wrote:
> Hi,
>
>   Today I found something weird in sudo's behavior (at least I wasn't aware
> of this). I logged in to my server using an ssh public key. Once I was in, I
> executed 'sudo -i' to become root. My user has full sudo access using a
> password. Everything normal so far. Then I needed to open a new terminal
> (on my local computer) and opened a new ssh connection to the server again.
> This second time, using a different tty, I executed 'sudo -i' again and the
> server let me become root without asking for my password. Is this normal? I
> can imagine a scenario where an attacker got the public and private key of
> some user (but not the password) and just connects to the server and executes
> sudo in a time frame near to the user's and gets root access. Should sudo
> also check the tty of the user when it is asking for the password? I am
> running OpenBSD 5.0 without any possibility to test that on 5.1 or current.
> Could somebody test it? Is that the normal behavior of sudo?
>
>    Thanks so much in advance and kind regards,
>
>      Alvaro
