[arch-general] makepkg security
daenyth+arch at gmail.com
Fri Jul 10 12:00:47 EDT 2009
On Fri, Jul 10, 2009 at 04:01, Thomas Bächler<thomas at archlinux.org> wrote:
> Our policy is usually to ship whatever upstream ships. IMO, a good default
> would be to set sudo to require the root password (not the user password)
> and not cache any passwords at all.
I strongly disagree with this. That's a disaster on a multiuser
system. It purposely does *not* require the root password so that a
user is responsible for only their own password, and so that you can
limit their usage of superuser powers to only specific commands.
> Also, I think instead of using sudo in makepkg, we should use su by default
> (with an option to enable sudo). su always has a good default configuration
> requiring the root password (it's also possible to set it to allow
> password-less su in the pam configuration, but everyone who does that is
> crazy anyway).
I don't think that should really be the default, personally. Sudo has
been fine, I don't know of anyone having an actual issue with misuse.
More information about the arch-general