As Dooitze de Jong reported in a duplicate of this bug, this can be very problematic if a user is setup to allow login without password. Another user can not then only abuse this user's account (obviously, because it does not need a password) but also gain root privileges if the user sudo'ed recently.
-- logging out of GNOME session should invalidate sudo tty tickets https://bugs.launchpad.net/bugs/46890 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
