|
|
|
|
|
|
by bluesmoon
4859 days ago
|
|
|
the user does have to be listed in sudoers. there's no confusion with sudo, it's running as designed. It compares the current timestamp to the user timestamp to determine whether to ask for a password or not. The first flaw is in the date command allowing unprivileged users to set the time. The second is that the -K flag to sudo makes the -k flag obsolete, so the latter should be dropped. |
|
|