[nycbug-talk] passwordless sudo: yay or nay?
N.J. Thomas
thomas at zaph.org
Sat Nov 8 18:33:15 EST 2008
I've noticed a trend in the past few years where a lot of Unix users (a
group in which I clump BSD, Linux, and Mac OS X) are using passwordless
sudo.
I've always thought this to be a security risk, if a local account with
sudo access is compromised then the attackers have root access, so all
my accounts that have blanket sudo access (i.e. "ALL=(ALL) ALL") need to
enter a password.
What is the current thinking/best practice on how to setup sudo on PCs
and personal Unix-based desktops? Is passwordless sudo okay in this
context?
Thomas
More information about the talk
mailing list