On Sunday 01 June 2008 04:10:06 pm Randall R Schulz wrote:
On Sunday 01 June 2008 12:35, Rajko M. wrote:
...
... IMHO Ubuntu's idea with sudo is not good, as it is enticing users to use short root passwords, which is counter productive. Better root terminal and strong password, then sudo and 3 letter password.
That doesn't make sense to me for two reasons:
1) Sudo requests the logged-in user's password, not roots. 2) Sudo can be configured to only demand a password if a certain amount of time had passed since the last time it validated the user.
At least that's how it worked on the RHEL systems used at my last job a big company that had strict security policies.
I used the one in openSUSE 10.3 and it has default sudoers: 1) ask root password for admin tasks, 2) (so far I recall) timeout is set on 10 minutes. I guess default is compiled in, as in sudoers there is no word about timeout. The timeout of 10' is good if one wants to run few commands at once, but for me it is a hassle. -- Regards, Rajko http://en.opensuse.org/Portal needs helpful hands. --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org