by jiml8 » Oct 5th, '15, 00:11
While I never did the nopasswd thing in sudoers, I did use my regular user password in sudoers for a long time.
As I have become more and more heavily involved in security work, and as I have been forced to consider the possibility that my lan might be entered from another lan because the user on that lan (a friend with whom I live) is clueless and has some access to my NAS, I have revisited a lot of my lackadaisical intra-lan security and have tightened up a lot.
One of the first step in tightening up was to alter sudoers so that when I sudo I have to enter the root password rather than my usual user password. After all, if an intruder gets root I'm screwed anyway, and if an intruder actually gets in, I have to presume my user password is compromised. If my user password is compromised, then I can't be giving root access through sudo, now can I?
The default should be toward higher security rather than lesser security. To this end, sudo should be not available until the user configures it, OR...the user should be required by default to enter the root password in order to sudo.
Last edited by
doktor5000 on Oct 5th, '15, 02:11, edited 1 time in total.
Reason: removed fullquote