On 11/18/2009 05:21 PM, Peter Jones wrote:
You've sort of missed my point here, which isn't a big surprise since I
left a lot of space to figure it out in.
root added your name to /etc/sudoers. She might have put:
cjd ALL=(ALL) NOPASSWD:ALL
but apparently instead she put:
cjd ALL=(ALL) ALL
If sudo is asking you for a password, it's because somebody intentionally
made a choice for it to do so, in the config file. It's not some kind of
accident. It's not some global policy because of a universal truth, as you
seem to think. It's a choice somebody made when they put your name in
there.
(Read what you will as to how this is relevant to our current predicament.)
Ok, let's put it another way:
Why is it a good idea? We could say:
1) It isn't. The sudo authors added no value by giving admins this option, and wasted
everyone's time by making it the preferred behavior (you have to explicitly /say/
NOPASSWD if you want it. That's a very different message than having to explicitly say
PASSWD. Ultimately the UI here encourages leaving the password prompt enabled when doling
out permissions).
2) All the information granted to the process about the context in which it was run is
insufficient to verify something that prompting for the password verifies.
And yes, sudo does also try to make sure it's running on an actual console (try piping a
password to it sometime).
--CJD
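
Added example, not part of the original thread: the two sudoers rules quoted above differ only in the NOPASSWD tag, and in sudoers a tag carries over to the following commands of the same rule until PASSWD overrides it. This Python audit reports, per command, whether sudo would prompt for a password. It assumes one-line rules, no alias expansion and the default `authenticate` setting; the `ops` rule and the name `password_policy` are constructed for illustration.

```python
import re

# Constructed sample: the first two rules are the ones quoted in the thread,
# the "ops" rule is made up to show tag inheritance within one rule.
SAMPLE = """\
# /etc/sudoers excerpt (constructed)
Defaults env_reset
cjd ALL=(ALL) NOPASSWD:ALL
cjd ALL=(ALL) ALL
ops ALL=(root) NOPASSWD: /usr/bin/systemctl status, /usr/bin/journalctl, PASSWD: /sbin/reboot
"""

RUNAS = re.compile(r"^\([^)]*\)\s*")            # e.g. "(ALL) " or "(root) "
TAG = re.compile(r"^(NOPASSWD|PASSWD)\s*:\s*")  # only the two tags discussed here


def password_policy(sudoers_text):
    """Return [(user, command, needs_password), ...] for simple user rules."""
    results = []
    for raw in sudoers_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "@")):
            continue                      # comments, blank lines, include directives
        first = line.split()[0]
        if first.startswith("Defaults") or first.endswith("_Alias"):
            continue                      # not a user rule
        user, rest = line.split(None, 1)
        _hosts, sep, commands = rest.partition("=")
        if not sep:
            continue                      # no "host = commands" part
        needs_password = True             # sudo prompts unless the rule says otherwise
        for item in commands.split(","):
            item = RUNAS.sub("", item.strip())
            match = TAG.match(item)
            while match:                  # a tag persists for the commands after it
                needs_password = match.group(1) == "PASSWD"
                item = item[match.end():]
                match = TAG.match(item)
            results.append((user, item, needs_password))
    return results


if __name__ == "__main__":
    for user, command, needs_password in password_policy(SAMPLE):
        print(f"{user:4} {command:28} {'prompts' if needs_password else 'NO PASSWORD'}")
```
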