On 23/08/17 08:49 AM, Paul Groves wrote:
Every linux distribution I have ever seen allows all users in the sudo group to execute commands with sudo anyway by default. Seeing as the user will have to have to be in the sudo gorup to even access this web page, is it really any less secure than the same user ssh-ing into the system and doing it manually?
Well yes, you can set up sudo that way, "wildcarded". You can also set up ssh to allow root login and you can also set up the X-based GUIs to automatically login as root. But I don't recommend any of the above in a production system, no matter how convenient dropping security might be in your home system. A properly set up sudo config will address a specific list of users, or perhaps a group out of /etc/group, and limit them to a specific command or set of commands. This is not difficult. The distribution config file gives examples of how to do this. Failing that, go google for one of the many How-To pages about sudo. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org