If anybody gets hold of the user's password and accesses their computer they could sudo <username> <command> to do anything couldn't they?
Or is there something preventing this?
Rod


On Wed, 1 Aug 2018 at 22:06, Lawrence D'Oliveiro <ldo@geek-central.gen.nz> wrote:
Found this piece
<https://www.pclinuxos.com/forum/index.php/topic,90479.0.html> in the
PCLinuxOS forums, courtesy of a reader link from
<https://www.theregister.co.uk/2018/08/01/ncsc_ubuntu/>.

Basically it says that ���sudo���, when used ���In The Manner Of the Buntus���,
i.e. to be able to run arbitrary commands as root, is a bad idea.
Instead, it should be carefully restricted to allow access only to
functions needed by a particular user. To get blanket root access, it
is better to use ���su���, which means having a separate root password.

Actually, it goes further than that: it decrees that anybody posting
instructions on the PCLinuxOS forums involving ���irresponsible��� use of
sudo (i.e. contrary to the philosophy above) is subject to having their
posts deleted, being reprimanded, and ultimately having their account
cancelled altogether.

Thoughts?
_______________________________________________
wlug mailing list | wlug@list.waikato.ac.nz
Unsubscribe: https://list.waikato.ac.nz/mailman/listinfo/wlug