Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Lindows experience.


On Wed, 17 Aug 2005 11:56, Jeff Waugh <jdub@xxxxxxxxxxxxxx> wrote:
> <quote who="Sridhar Dhanapalan">
> > Also, are there any security implications of this? Doesn't it mean that
> > in a default setup, any local user can gain root access? Please correct
> > me if I'm wrong.
>
> Absolutely not. Have a look at /etc/sudoers to see the configuration. In
> warty, it gave full sudo access to the initial user created. In hoary, it
> gives full sudo access to members of the admin group (which the initial
> user is a member of).

Is it a good idea to give *full* sudo access to the initial user by default? 
This sounds like a security problem to me.

-- 
Sridhar Dhanapalan  [Yama | http://www.pclinuxonline.com/]
  {GnuPG/OpenPGP: http://dhanapalan.webhop.net/yama.asc
   0x049D38B4 : A7A9 8A02 78CB AB1B FCE4 EEC6 2DD9 249B 049D 38B4}

"You have no idea the evil we do on a regular basis. ... The worst type of 
criminals don't carry a gun, they take your money legally."
		-- Anonymous MCI Worldcom employee, June 2002