Rahul Sundaram <sundaram <at> fedoraproject.org> writes:
If you have a problem with this, do explain why. Not suggesting it
is
not a problem but being more descriptive does help.
This opens the door to all kinds of cascaded exploits that would otherwise not
be possible (see:
http://lwn.net/Articles/362640/). Then local users really get
to play root, except that they are really remote users that just broke into your
system.
I have no problem with this being a choice an administrator can make, if they
feel brave enough to do it. But having this as a default behaviour is just wrong.
--
Bojan