This is harder to make secure than you realize.  Once you add it
people will complain that if you log out and log back in
again during the timeout you can still run commands.  Next you will
get requests for per-tty and per-destination user timeout files.

But wait!  If someone can change the clock (an unprivileged operation
for a lot of desktop environments) they can extend their timeout
without a password.  So now you need to use monotonic time.

The list goes on and on...  If you really need this feature just
install sudo from ports.

 - todd
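
Added example, not part of the original message and not code from sudo: a sketch of the two failure modes the message describes, a wall-clock timeout that survives a clock change and a ticket that survives logging out and back in. The `ticket` struct, the function names and the 5-minute timeout are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>

#define TIMEOUT_SECS 300 /* assumed 5-minute timeout */

/* Hypothetical ticket record; both clocks are stored so the checks can be compared. */
struct ticket {
    time_t wall; /* CLOCK_REALTIME seconds at authentication */
    time_t mono; /* CLOCK_MONOTONIC seconds at authentication */
    pid_t  sid;  /* session that authenticated */
};

/* Naive check: trusts the settable wall clock and ignores the session. */
bool valid_wall(const struct ticket *t, time_t now_wall)
{
    return now_wall - t->wall < TIMEOUT_SECS;
}

/* Stricter check: monotonic elapsed time, same session only. */
bool valid_mono(const struct ticket *t, time_t now_mono, pid_t sid)
{
    if (sid != t->sid)
        return false; /* logged out and back in: different session */
    if (now_mono < t->mono)
        return false; /* ticket is from before this boot */
    return now_mono - t->mono < TIMEOUT_SECS;
}

int main(void)
{
    struct timespec w, m;
    clock_gettime(CLOCK_REALTIME, &w);
    clock_gettime(CLOCK_MONOTONIC, &m);
    struct ticket t = { w.tv_sec, m.tv_sec, getsid(0) };

    /* Constructed scenario: 10 minutes pass, then the wall clock is set back 10 minutes. */
    time_t later_mono = t.mono + 600, later_wall = t.wall + 600 - 600;
    printf("wall-clock check:  %s\n", valid_wall(&t, later_wall) ? "valid" : "expired");
    printf("monotonic check:   %s\n", valid_mono(&t, later_mono, t.sid) ? "valid" : "expired");
    printf("new session check: %s\n", valid_mono(&t, t.mono + 10, t.sid + 1) ? "valid" : "expired");
    return 0;
}
```
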
