Sure, without a password, 'sudo' is insecure. And so is 'su'!
I would actually say that 'sudo' is more secure than 'su' because:
with 'sudo', the privileges are automatically lost after some time (15
minutes by default), whereas it is dangerous to forget about an opened root
terminal (obtain
Read the link alimiracle gave us: it considers somebody whose SSH keypair is
stolen and who configure 'sudo' so that it does not ask for a password.
systemd is free software: show me the backdoor.
It can. Not by default though. The "NOPASSWD" tag allow a by-command
specification and the users in the "exempt_group" can do anything. Take a
look at 'man sudoers' for the syntax.
