On Fri, Feb 7, 2014 at 2:37 AM, Sahar Massachi <sa...@brandeis.edu> wrote: > The fact that there's a "naked sudo" hole is brutal. > > Forgive me if I misunderstand the problem, but how could *anyone* ship a > distribution with a passwordless sudo? That seems like it requires > deliberate malice to even set up.
Careful here: Tails had passwordless sudo prior to v0.11, less than 2 years ago. So either unlimited local root access is not such a big deal, or recommendation to use Tails is short-sighted — in either case the report has a problem. I suggest that the report author sweeps both issues under the carpet simultaneously using a politically correct language referencing problems that were taken care of a long time ago, and are not that critical to begin with. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
