root vs user. installing firefox
bruce.dubbs at gmail.com
Sun Dec 21 00:05:57 PST 2008
Agathoklis D. Hatzimanikas wrote:
> Using sudo without a password should be discouraged at any chance and
> should be avoided.
That depends on the system. Who has access to it is an important factor.
Convenience and security are always trade offs. On a system where we are
building lfs/blfs, it really shouldn't matter until and unless it is put into
"production" and contains something you want keep provate.
For instance, my systems sit behind a firewall that is set up so that nothing
can initiate a tcp or udp communication from the outside. On the inside, I'm
the only user. I choose to have sudo available to me without a password. Is
this a vulnerability? Sure. But one I know about and am willing to accept.
Could it be compromised? Highly unlikely but I suppose its possible through a
browser hack. Running Windows would be a much greater risk.
> Unfortunately there is a relative line in the shipped sudoers and I am
> thinking that maybe it will be wise to eliminate it with a sed (anyone
> cares to open a ticket?,
Which line is that?
> I have a bad reputation in blfs dev team,
> regarding this issue, thus I can't do it myself), so it won't be exposed
What are you talking about?
More information about the blfs-support