• Kairos
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 month ago

    That also does not answer my question. I must’ve said it wrong.

    I was wondering “if I run a single command with sudo, and the timeout to when I would have to enter my password again for another sudo is aay 5 minutes, and I run another command without sudo within those five minutes inside that same shell, would that command be able to maliciously elevate itself using sudo?”

    • 0x4E4F@sh.itjust.worksOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      If by maliciously you mean a virus might take advantage of the system in those 5 minute, the answer is, yes, it is possible… not likely, but possible.

      If the question was, can the shell by itself escalate a command that does not have sudo in front of the command, the answer is no. If it did that, than there are some serious bugs in the code… or some malicious code planted in it. By definition, it’s not supposed to do what you don’t tell it to do.