Hi Tom
En 25 de febrero de 2020 18:39:51 tom
<t...@206-212-236-243.static.onlinenw.com> escribió:
On Mon, 24 Feb 2020 14:33:25 +0100
Tito via Dng <dng@lists.dyne.org> wrote:
and only for known "safe" commands. For everything else, it'd be much
better to just log in on a tty as root. Same goes for su.
for sudo only if set
user ALL=(ALL:ALL) ALL
or if the user is added to the sudo group
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
if used for single commands it should not be a problem
unless you allow to open a root xterm....
To replace su or sudo binary you need root so at this point
the system is already compromised.
The use with no password solves one problem but creates others
like everybody being able to wreck the system with synaptic
or gparted as soon as they find an unattended desktop.
Don't want my mom to use synaptic......just mail and browser.
just so you know, it's more traditional and portable to allow the wheel
group to sudo, not have a separate sudo group.
https://en.wikipedia.org/wiki/Wheel_%28computing%29
%wheel ALL=(ALL:ALL) ALL
Wheel seems to be analogous to sudo, but focused to other diferent unix
systems (like, for example, BSD). Am I wrong?
Aitor.
Enviado con AquaMail para Android
https://www.mobisystems.com/aqua-mail
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
