1
Sometimes I type 'sudo su - user' in linux and then realise I'm typing it from an application account rather than a user account. I want to ctrl+c to abort the password entry. When I do this, it always freezes for a couple of seconds before it aborts the process and returns me to the shell.
What causes this pause? Can it be bypassed?
2
It's an anti-password-attack feature. It makes it more difficult (or at least slower) to try many passwords in tight loop
The Archetypal Paul
Posted 2010-12-06T13:03:41.997
Reputation: 337
While this is true, it seems unlikely to be the explanation when you're aborting the attempt with CTRL+C. You aren't actually trying the password that way, so there seems to be no security risk. – Cody Gray – 2010-12-06T15:22:54.980
1You clearly have an insufficiently warped mind :) You could speed attacks up by doing 'sudo touch /tmp/password-worked" and sending SIGTERM shortly afterwards - since a successful password attempt completes quickly, you would know quickly whether the attempt had worked or not. So there is a security risk. – The Archetypal Paul – 2010-12-06T15:29:58.117
6
Try asking at http://superuser.com/, this is not programming related
– None – 2010-12-06T13:05:11.690