When you run something with root permissions, it does not require your password to run another sudo-command for 5 minutes. Now what is to stop a tutorial page to make a javascript to run a malicious command after a certain amount of time, say four minutes?
Bookmarks