On Tue, 02 Mar 2010 20:24:20 -0600 "David C. Rankin" <drankinatty@xxxxxxxxxxxxxxxxxx> wrote: > On 03/01/2010 05:03 PM, Ray Kohler wrote: > > What would worry me is things like JavaScript exploits and worms - > > things that you download and then run as yourself, whether > > intentionally or not. A password prompt will block malware like > > that, but with no password, you just go owned in one step. > > How would this be any different than 'sudo' configured to allow > members of the wheel group to sudo w/o a password? > > Same answer - data prevails - set sudo to require a password? I have > run servers for more than a decade with sudo/wheel group access > enabled w/o a password - no problems. May have just been lucky :p > > Ray, all - any different thoughts about sudo w/o a password compared > to su? Or same answer, with no password, you just got owned in one > step :p > sudo can be limited to only certain commands also. IMO su should remain as secure as possible and sudo should be customised for the situation.
