You do not have to be in the admin group to 'exploit' it. However, the importance is best at Medium or even Low IMO because this does not subvert sudo protections (ie, you need to be allowed to perform the action in sudoers). Also, the timestamp feature does work (ie, you'll be prompted for a password after timestamp_timeout has expired), and you can delete/invalidate the timestamp using -K/-k under nohup.
-- Local privilege escalation when executed with nohup https://bugs.launchpad.net/bugs/285805 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
