On Thu, Oct 24, 2013 at 12:04 PM, Scott Ferguson <scott.ferguson.debian.u...@gmail.com> wrote: > > I don't do default[*1] installs. Certainly "expert" install mode gives a > choice (choices are good) - regardless of whether people use sudo or not > root *should* have a different password to any other user. > > But of course it's the system administrators choice if they wish to > become a festering repository for linux malware and inflict their > digital diseases on the rest of us... > > IMNSHO sudo is "generally" a good bad idea, far too many people use the > same password for sudo as for the user - and far too many people can't > see the problem with that. Worse, and *very* common with, um, "users" of > a "popular" derivative of Debian is "%sudo ALL=NOPASSWD: ALL" which > requires no password for sudo(sigh).
1) In a default setup where sudo's installed and enabled, root doesn't have a password. 2) The whole point of disabling root and using sudo is to become root using one's own password. 3) There may be users or this or that distribution who add "NOPASSWD:" to their sudoers files but that's up to the users. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAOdo=szkq41uyyqdbqwqpayz7avgmscrcbztsosdxj8asw-...@mail.gmail.com
