Thanks for reporting this issue. Since you need to be root to create a new user, this can probably not be used directly as exploit. But I agree that creating a user "admin" should not create one that is in the admin group. So either removing this configuration line or create a admin group by default. In the latter case, adduser will fail to create a admin user.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1843829 Title: sudoers: admin group has permissions, but does not exist by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1843829/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
