whats even more ironic.. is when I approached him about this.. he said "but changing the password on a regular basis sounds like a good idea for security.." my response "yeah.. and it's also a royal pain in the arse when you forget what you set it to".. his response.. "ok.. if its that much of a problem.. I'll just write them down on post-it's and keep the current password stuck to my monitor.. then you'll always know what it is"..
so will every other person in the office...so much for security concerns...
Kel.
Jason Dixon wrote:
On Thu, 2003-09-11 at 07:43, Ed Wilts wrote:
On Thu, Sep 11, 2003 at 07:09:43AM -0400, Jason Dixon wrote:
This is what sudo is for. If he insists on having root, but can't remember root's password, just give him the ability to escalate his permissions. If he doesn't want to enter extra passwords, and you're ok with it, add the following to your /etc/sudoers file (assuming you've installed the sudo package):
username ALL=(ALL) NOPASSWD: ALL
I used to like the idea of NOPASSWD on the sudo option but have since come to realize how unsecure this really is. If you're going to run with a password-less sudoers file, you may as well run as root. A nasty script could easily do something like "sudo /bin/rm /" and you'd be dead.
Excuse my French, but "no shit". If you'd have read further down, you'd have noticed my claim that I would never personally do this on any of *my* systems, but it sounds appropriate for this guy's usage. He has a boss that a) probably can't be trusted not to screw stuff up, since b) he keeps changing the root password and forgetting it. If he has root, he can just as easily "rm -rf /" (note that your command wouldn't do much damage) and kill systems.
-- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
