[mdlug] /etc/sudoers -A rant and an attempt at better documentation
Fati
fati at venerealinjection.com
Mon Jan 8 11:34:58 EST 2007
> If it's a "personal" machine, I recommend just adding the following line:
> driveray ALL=NOPASSWD: ALL
> This allows you to do anything you like without typing any password,
> which is what I do.
I can see the point behind doing this, but honestly most attackers
don't a fig about your data, but rather want to use your machine for
evil doing. If this mentality were more widespread the implications
would be terrible.
If a malicious person could count on the fact that a linux user would
not require a passwd to sudo to root, any code execution exploit for
linux would be just as harmful as it is on Windows. On the bright
side though, we'd probably get a really nice and well updated FOSS
virus scanner out of it ;)
--
Fati
"I don't know what weapons World War Three will be fought with, but
World War Four will be fought with sticks and stones." - Albert
Einstein
More information about the mdlug
mailing list