Carlos E. R. wrote:
The Sunday 2008-06-01 at 17:26 -0500, Rajko M. wrote:
That doesn't make sense to me for two reasons:
1) Sudo requests the logged-in user's password, not roots. 2) Sudo can be configured to only demand a password if a certain amount of time had passed since the last time it validated the user.
At least that's how it worked on the RHEL systems used at my last job a big company that had strict security policies.
I used the one in openSUSE 10.3 and it has default sudoers: 1) ask root password for admin tasks,
You are supposed to disable that behavior after you have done the initial system configuration. Ie, you install the system, configure it, and then, edit the sudoers file and disable the requesting of root's password.
The default sudo configuration serves three purposes: - be usable without configuration - but don't allow more than su already does - aid admins to avoid common pitfalls due to misconfiguration First and second goal is achieved with asking for root's password and by allowing everone to use sudo (upstream default is to ask for the user's password but allow noone to use sudo). Third goal is achieved by not keeping the environment by default. I wouldn't say that you are supposed to change that behavior. It's fine to modify the config to achive other goals such as asking for the users' password. You'll have to restrict who is allowed to use sudo then though. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org