On 03/01/2010 05:03 PM, Ray Kohler wrote: > What would worry me is things like JavaScript exploits and worms - > things that you download and then run as yourself, whether > intentionally or not. A password prompt will block malware like that, > but with no password, you just go owned in one step. How would this be any different than 'sudo' configured to allow members of the wheel group to sudo w/o a password? Same answer - data prevails - set sudo to require a password? I have run servers for more than a decade with sudo/wheel group access enabled w/o a password - no problems. May have just been lucky :p Ray, all - any different thoughts about sudo w/o a password compared to su? Or same answer, with no password, you just got owned in one step :p -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com
