• 0x4E4F@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          3 months ago

          Oh, sorry, I misread programs as programmers 😁.

          And no, I don’t think so. Credentials need to be cleared before exectution.

          • Kairos@lemmy.today
            link
            fedilink
            arrow-up
            1
            ·
            3 months ago

            Okay. So you must invoke sudo fr on the exact same shell? It cant be taken from a subsequent script?

            • 0x4E4F@sh.itjust.worksOP
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              3 months ago

              Credentials are inherited by every child process that the parent process invokes. Thus, if you give root credentials to a command, every subsequent command that the original one invokes will have root credentials.

              There are some exceptions, but these are special case scenarios and are literally only a few.

              • Kairos@lemmy.today
                link
                fedilink
                arrow-up
                1
                ·
                3 months ago

                That doesnt at all answer my concern but I’ll interpret the answer as no it doesn’t do that.

                • 0x4E4F@sh.itjust.worksOP
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  edit-2
                  3 months ago

                  Sorry (again 😂, this happens quite a lot with you, lol), it’s early in the morning here, didn’t have my coffee yet.

                  If the question is can privileges be escalate later on while a command or a script is executing, the answer is yes. You can also deescalate them once the root creds stuff is done executing. You just have to make it clear in the script or the command that “you do this with root creds, but then you continue with user creds”.

                  The point I was trying to make with my previous comment was that, if a process (command, script, whatever) is ran with root privileges, every program, command, script it invokes later on is ran with root privileges, unless it’s specifically noted to run this or that part with some other privileges.

                  • Kairos@lemmy.today
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    edit-2
                    3 months ago

                    That also does not answer my question. I must’ve said it wrong.

                    I was wondering “if I run a single command with sudo, and the timeout to when I would have to enter my password again for another sudo is aay 5 minutes, and I run another command without sudo within those five minutes inside that same shell, would that command be able to maliciously elevate itself using sudo?”