[arch-general] Tired of being asked for a password for "su"? Arch has the solution

Ray Kohler ataraxia937 at gmail.com
Mon Mar 1 18:03:31 EST 2010


On Mon, Mar 1, 2010 at 5:58 PM, David C. Rankin
<drankinatty at suddenlinkmail.com> wrote:
> On 03/01/2010 01:14 PM, Florian Pritz wrote:
>> On 03/01/2010 07:58 PM, David C. Rankin wrote:
>>>      As the comment says, the entry causes pam to implicitly trust members of the
>>> wheel group. Eliminating the need to type a 14 char pw 10 times a day is a
>>> time-saver.
>>
>> PAM itself should be pretty secure, but what you are trying to achieve
>> isn't. There is a reason behind that password prompt. You don't want
>> anyone who gains access to your account (daemons, scripts, ...) to have
>> root access right away without ever asking for a password. If you don't
>> want to type yours that often use sudo -s.
>>
>
> Ed, Florian,
>
>        Thank you for your insight. I guess I should have also included the fact that
> the box in question sits in my home-office and physical security isn't an issue.
> Also, there is only one member of the wheel group -- me.
>
>        Thinking through the threat scenario, as long as pam is doing its job and only
> allowing members of the wheel group to su without a password, that limits
> vulnerability to (1) a pam exploit or (2) privilege escalation by a user to
> become a member of the wheel group. I see it as pretty minimal, but I guess a
> good compromise is to revert to a password when the machine goes online, but to
> enjoy the convenience while I'm setting the box up while it doesn't have any
> access from the outside.
>
>        It worries me to think about the possible security implications, but the lazy
> side of me sure does like the convenience :p

What would worry me is things like JavaScript exploits and worms -
things that you download and then run as yourself, whether
intentionally or not. A password prompt will block malware like that,
but with no password, you just get owned in one step.
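The configuration the thread argues about is the pam_wheel "trust" entry in /etc/pam.d/su: with `trust`, pam_wheel.so returns success for any wheel member, and when that line's control flag is `sufficient` the auth stack ends there and pam_unix never asks for a password. The following audit script is an added example, not code from the thread or from Arch Linux. It parses PAM-style config text, reports the lines that grant a passwordless su to wheel members, and produces the corrected file with those lines commented out. The two config samples are constructed for the example; the line `auth sufficient pam_wheel.so trust use_uid` is the standard form of that option (the thread only describes it, it does not print it).

```python
"""Audit PAM config text for pam_wheel 'trust' entries that skip the password.

Added example: parses /etc/pam.d/su-style text, flags 'auth' lines where
pam_wheel.so carries the 'trust' option under a 'sufficient' control flag
(wheel members reach root without any password), and returns a hardened copy.
"""

# Constructed sample: the convenience entry the thread discusses is enabled.
SAMPLE_SU_TRUSTING = """\
#%PAM-1.0
auth        sufficient  pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
auth        sufficient  pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth       required    pam_wheel.so use_uid
auth        required    pam_unix.so
account     required    pam_unix.so
session     required    pam_unix.so
"""

# Constructed sample: default layout, the trust line is still commented out.
SAMPLE_SU_DEFAULT = SAMPLE_SU_TRUSTING.replace(
    "auth        sufficient  pam_wheel.so trust use_uid",
    "#auth       sufficient  pam_wheel.so trust use_uid",
)


def parse_pam_lines(text):
    """Return one dict per active (non-comment) PAM entry: type, control, module, args."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented-out lines are not active configuration
        parts = line.split()
        if len(parts) < 3:
            continue  # malformed; a real PAM would reject it, we just skip it
        entries.append({
            "lineno": lineno,
            "type": parts[0].lower(),
            "control": parts[1].lower(),
            "module": parts[2],
            "args": parts[3:],
        })
    return entries


def find_passwordless_su(text):
    """Line numbers of 'auth' entries where pam_wheel 'trust' alone completes authentication.

    Only the 'sufficient' control flag is flagged: with 'required', pam_wheel's
    success does not end the stack, so pam_unix still prompts for a password.
    Bracketed control syntax ([success=done ...]) is not interpreted here.
    """
    hits = []
    for e in parse_pam_lines(text):
        if (e["type"] == "auth"
                and e["module"].endswith("pam_wheel.so")
                and "trust" in e["args"]
                and e["control"] == "sufficient"):
            hits.append(e["lineno"])
    return hits


def disable_wheel_trust(text):
    """Return the config with every flagged line commented out (the default Arch state)."""
    bad = set(find_passwordless_su(text))
    out = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        out.append("#" + raw if lineno in bad else raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for name, cfg in (("trusting", SAMPLE_SU_TRUSTING), ("default", SAMPLE_SU_DEFAULT)):
        hits = find_passwordless_su(cfg)
        status = "passwordless su for wheel on line(s) %s" % hits if hits else "password required"
        print("%-9s %s" % (name + ":", status))
    print(disable_wheel_trust(SAMPLE_SU_TRUSTING))
```

Running it against a real system is a matter of `find_passwordless_su(open("/etc/pam.d/su").read())`; the same check applies to /etc/pam.d/su-l where that file exists. Florian's suggested alternative, `sudo -s`, keeps a password prompt (with sudo's own timeout) and leaves su's PAM stack untouched, which is exactly what this audit is checking for.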
