[arch-general] Tired of being asked for a password for "su"? Arch has the solution
Ty John (sand_man)
ty-ml at eye-of-odin.com
Tue Mar 2 22:09:21 EST 2010
On Tue, 02 Mar 2010 20:24:20 -0600
"David C. Rankin" <drankinatty at suddenlinkmail.com> wrote:
> On 03/01/2010 05:03 PM, Ray Kohler wrote:
> > What would worry me is things like JavaScript exploits and worms -
> > things that you download and then run as yourself, whether
> > intentionally or not. A password prompt will block malware like
> > that, but with no password, you just go owned in one step.
>
> How would this be any different than 'sudo' configured to allow
> members of the wheel group to sudo w/o a password?
>
> Same answer - data prevails - set sudo to require a password? I have
> run servers for more than a decade with sudo/wheel group access
> enabled w/o a password - no problems. May have just been lucky :p
>
> Ray, all - any different thoughts about sudo w/o a password compared
> to su? Or same answer, with no password, you just got owned in one
> step :p
>
sudo can be limited to only certain commands also. IMO su should remain
as secure as possible and sudo should be customised for the situation.
More information about the arch-general
mailing list