Marc R. Schoolderman

Results 166 comments of Marc R. Schoolderman

Thanks for this really insightful comment. I do think we were convinced that the functionality, in the cases where it is needed, it is really really needed. E.g. providing a...

What I like about the observation is that it purely looks at sudo security of the invoking user. Another mitigation that is simpler (e.g. not requiring a config setting) that...

Thanks for all the input. We had a team discussion today and we think that the scenarios where an attacker has control over what askpass program is used would also...

> To be honest, though, we're kinda trying to move away from sudo anyway, so I doubt we would ever implement this on our side... The reason we didn't originally...

> I hope that we could update your perception on the usage and requirements of a sudo askpass functionality. Once a project commits to using sudo askpass for elevation purposes...

I think I'd prefer a solution that Bjorn suggested, e.g. check that the response falls in the accepted range (0.. MAX_MSG). On the other hand, this scenario is pretty remote:...

Thanks for the report! This is the behaviour that I would naively expect. To gather information for deciding on the priority of this bug, we are curious whether this usage...

The issue is indeed caused because sudo starts the command in the background in this situation and then doesn't make the TTY available. The fix here that I expect is...

Happy hacking! At some point we'll want to have this fixed, but we won't have time before December and more likely January. But I'll notify you if we start taking...

Todo: add unit tests, add comment about `$` being last.