Package: sudo Version: 1.7.2-1 Severity: normal This might be a duplicate with bug#198991, but is actually a response to the resolution of bug#536222.
The NOPASSWD option is, as bug#198991 points out, an alarming security hole and should not be configured by default for any accounts. The configuration for the ‘sudo’ group should instead be: %sudo ALL=(ALL) ALL thus allowing anyone in the ‘sudo’ group to use sudo for any command as any user, but not without authentication. -- \ “Don't worry about what anybody else is going to do. The best | `\ way to predict the future is to invent it.” —Alan Kay | _o__) | Ben Finney <[email protected]>
signature.asc
Description: Digital signature
