Randy McMurchy wrote: > So, only if the root account is compromised can it be dangerous. > And, if root is compromised, you're already in big trouble.
Not quite. Scenario: User is given access via sudo to run all root commands but without requiring a password. User logs in to machine. User gets up and leaves machine. User's cat walks on keyboard and manages to type 'sudo rm -rf /lib'. Alright, well, *that's* not likely to happen. But the point is without requiring a password, anyone that stumbles on your machine if you're logged on also has root privs. Granted, there *should* be best practices employed by a smart user to keep that from happening, but it is a hole. -- JH -- http://linuxfromscratch.org/mailman/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page
