Is it me or is it sudo?
Joe Zeff
joe at zeff.us
Wed Mar 28 17:19:12 UTC 2012
On 03/28/2012 08:29 AM, Reindl Harald wrote:
> on a usual desktop PC with a standard-user it is a VERY bad
> idea because any attacker only needs to try "sudo anything"
> to get full control over the machine
My thoughts exactly. Except under very unusual circumstances I'm the
only person who ever uses this PC, but I don't have sudo set up with
nopassword. In fact, as I know the root password (being the person who
installed Fedora) I don't have sudo set up at all. AIUI, sudo was
written to allow people *who don't have the root password* limited
access to administrative commands.
Yes, I understand that there are times you have to use sudo instead of
su in a production environment to ensure that everything gets logged,
but I've never understood why anybody would do it at home. YMMV and all
that jazz, but if this is a home box, I'd suggest asking yourself why
you're bothering with sudo in the first place.
More information about the users
mailing list