On Wed, 2009-07-29 at 20:36 +1000, Ben Finney wrote:

> The NOPASSWD option is, as bug#198991 points out, an alarming security
> hole and should not be configured by default for any accounts. 

I'm not really sure I agree that this is alarming by itself, but a
confluence of seemingly-independent events can certainly generate
unanticipated results!

> The
> configuration for the ‘sudo’ group should instead be:
> 
>    %sudo   ALL=(ALL) ALL
> 
> thus allowing anyone in the ‘sudo’ group to use sudo for any command
> as any user, but not without authentication.

I agree.  Thank you for suggesting this, I'm making the change now.

Bdale
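An added example, not part of either message above: a small audit that reports which sudoers entries can run commands without authentication, following the rule that a `NOPASSWD:` tag stays in effect for later commands in the list until a `PASSWD:` tag appears. The sample text is constructed, and the parser is simplified: one host/command list per line, no escaped commas, `#include` files not followed.

```python
import re

# Constructed sample sudoers text (not taken from the message or any package).
SAMPLE = """\
root    ALL=(ALL) ALL
%sudo   ALL=NOPASSWD: ALL
%adm    ALL=(ALL) NOPASSWD: /usr/bin/tail, \\
        PASSWD: /usr/bin/less
%staff  ALL=(ALL) ALL
"""

TAGGED = re.compile(r"^((?:[A-Z_]+:\s*)+)(.*)$")  # e.g. "NOPASSWD: /bin/ls"

def logical_lines(text):
    """Join backslash continuations; drop blank and '#' lines."""
    buf = ""
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        line, buf = (buf + line).strip(), ""
        # Simplification: '#include' directives are skipped, not followed.
        if line and not line.startswith("#"):
            yield line

def nopasswd_commands(text):
    """Return [(who, command)] for entries that skip authentication."""
    findings = []
    for line in logical_lines(text):
        if re.match(r"(Defaults|\w+_Alias)\b", line) or "=" not in line:
            continue
        who, spec = line.split()[0], line.split("=", 1)[1]
        spec = re.sub(r"^\s*\([^)]*\)", "", spec)  # drop the Runas part
        nopasswd = False  # a tag stays in effect until the opposite tag appears
        for item in (i.strip() for i in spec.split(",")):
            m = TAGGED.match(item)
            if m:
                tags = re.findall(r"[A-Z_]+", m.group(1))
                if "NOPASSWD" in tags:
                    nopasswd = True
                elif "PASSWD" in tags:
                    nopasswd = False
                item = m.group(2).strip()
            if nopasswd and item:
                findings.append((who, item))
    return findings

if __name__ == "__main__":
    for who, cmd in nopasswd_commands(SAMPLE):
        print(f"{who}: {cmd} runs without a password")
```

The proposed `%sudo   ALL=(ALL) ALL` line yields no findings, because without a tag sudo's default is to require authentication.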




