I have managed to reproduce the bug on a freshly installed Ubuntu 11.10
box. I am altering the bug description to include the steps to reproduce
the error.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thanks for looking into this!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/882255
Title:
No administrative actions possible (password refused) after enabling
passwordless login
To manage
Assigning the bug to the sudo package as that seems the most targeted.
** Description changed:
If I choose not to have a password for my operating account, every
operation fails if it needs root access. Reproducable even on a newly
set up machine. See:
Actually, leaving any user account that can sudo to root without a
password leaves the machine potentially open to intruders. If someone
exploits a vulnerability and gets access to a shell, he could
potentially gain root privileges on that box. It takes only one insecure
account to compromise the
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: ubuntu
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/882255
Title:
No root
Security isnt really a concern here. If we choose to have no password,
we should have no penalty for doing so. There are many reasons for doing
it, some as valid as the security risk
Personally, I believe the whole security thing is overrated, and if I'm
wrong, then let my unprotected computer
Some quick notes:
-the check for empty passwords and the alteration of the sudoers file, if
*really* required since it's a security risk, should be done in the installer
and in the passwd program;
-otherwise, a simple way to prevent null passwords to be used (the most
straightforward way) is to