[maemo-developers] becomeroot once again but with password

From: Marius Gedminas marius at pov.lt
Date: Thu Feb 22 18:40:49 EET 2007 
On Wed, Feb 21, 2007 at 08:54:55PM +0100, marc zonzon wrote:
> If now you want to authenticate you have 3 options:
> a) When logging in, the usual way but seems to be incompatible with the IT,
> you become user without logging in.
> b) As user when doing the sudo, it's what happen if you have a user 
> password,
> in this case you can use the same setting for sudoers that is the
> default on ubuntu:
> root    ALL=(ALL) ALL
> user    ALL=(ALL) ALL
> or also the one proposed by marius.
> it seems nice, I have not tried because William Maddler say in his
> tutorial that "some built-in apps (notably Application Manager) will
> appear to not load while they wait silently in the background for the
> password to be entered." and I don't want that. Marius I suppose you
> use this solution? what bout these sleeping apps?

I use the solution with NOPASSWD:.  No problems whatsoever with
Application Manager and/or other apps.  I have not removed any of the
default sudoers rules, just added two lines at the end.  Here are those
two lines again, for your convenience:

    user ALL = (ALL) NOPASSWD: ALL
    root ALL = (ALL) NOPASSWD: ALL

Security-wise, I see no increased risk from allowing passwordless root
for anyone who has user-level access.  All the sensitive data is already
accessible for the user, and it's trivial to install some package
(becomeroot) to get root anyway.

Marius Gedminas
-- 
"Wipe Info uses hexadecimal values to wipe files. This provides more security
than wiping with decimal values."
	-- Norton SystemWorks 2002 Manual
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.maemo.org/pipermail/maemo-developers/attachments/20070222/03af2c4d/attachment.pgp
More information about the maemo-developers mailing list