Does Ubuntu store sudo password in cache?

Question

If we fire a command with sudo in terminal, it asks for password for the first time and if we fire another command with sudo immediately in same terminal, it won't ask for password again. Why is it so ?

Does Ubuntu store the sudo password for sometime in cache? Can anyone else (another program/malware) use that password during that time span ?

"Keyring is a collection of components in GNOME that store secrets, passwords, keys, certificates and make them available to applications." This is what is stated here --> http://askubuntu.com/questions/32164/what-does-a-keyring-do Are you sure keyring itself is used for `sudo` ? — node_analyser, Oct 20 '16 at 09:07
Thanks everyone for marking it as duplicate and redirecting me to correct answer. :) — node_analyser, Oct 24 '16 at 09:40

score 2 · Accepted Answer · edited Oct 20 '16 at 15:21

2

Why is it so? Comfort I guess. You wouldn't use sudo if you had to type your password every 2 seconds.

sudo does not remember your password. sudo remembers the date, user and terminal. If a sudo command in the same terminal is executed by the same user in a short period of time (15 minutes by default), sudo just doesn't ask for the password again.

sudo needs your password to make sure you are really you, and not someone else while you're away drinking coffee. it does not need your password to switch to root, since it runs as root.

If, from the same terminal, you run some malware within the grace period, the malware may be able to sudo without a password.

You may use sudo -k to invalidate the cache.

edited Oct 20 '16 at 15:21

Zanna

69,223
56
216
327

answered Oct 20 '16 at 09:16

exore

969
6
10

your last line talks about invalidating the cache, which means invalidating the timestamp details, isn't it ? Has it been documented officially anywhere that `sudo` does not store password but timestamp details only ? – node_analyser Oct 20 '16 at 09:28
As far as I know, there is no documentation that sudo does not need your password, and thus does not store it. This is just pure logic. I must admit I should've used the source. But again, sudo does not need a password, because it is root and can switch to any uid/gid whenever it wants to. Moreover, it is possible to create configuration where sudo won't even ask your password. see the `NOPASSWD:` in the sudoers man page. If sudo can switch user without storing a password, why would it store it ? And why would it store your password if it is not going to ask you the password again ? – exore Oct 20 '16 at 09:55
I read the answer on duplicate question and your explanation exactly matches it. Marked yours as answer here. Thanks. – node_analyser Oct 24 '16 at 09:41

Does Ubuntu store sudo password in cache?

1 Answers1