In message <70f230c70706071255k7338dc5bn85bb1ac5fe6c2fc7@xxxxxxxxxxxxxx> so spake "Mark Senior" (senatorfrog): > In other words, in the SuSE default config, sudo is just an > overcomplicated su - to sudo something as root, you need not your own > password, but root's - except you don't have to be in wheel to use it. > > If sudo is configured as above, and uses kerberos, then all users > might be able to exploit this. This bug does not affect builds of sudo that use PAM or BSD authentication for password verification so there is really no impact on SuSE. - todd
