Re: sudo security Was: Reporting missing package during install
Tom H writes:
> On Thu, Dec 12, 2013 at 9:40 AM, Gian Uberto Lauri <saint@eng.it> wrote:
> > Bob Proulx writes:
> >>
> >> Right. Because normal users can't change the system time.
> >
> > Sorry, wrong. With 'folk ALL=(ALL) ALL', user folk can run as root ANY
> > program including 'date -s'. Or at least 'sudo bash', and then live
> > happy with a shell executed with the root id.
>
> But "normal users" don't have "ALL=(ALL) ALL"...
Home users with one account on the machine have ALL=(ALL) ALL.
These will be the target, once the number reaches the "critical mass".
--
/\ ___ Ubuntu: ancient
/___/\_|_|\_|__|___Gian Uberto Lauri_____ African word
//--\| | \| | Integralista GNUslamico meaning "I can
\/ coltivatore diretto di software not install
già sistemista a tempo (altrui) perso... Debian"
Warning: gnome-config-daemon considered more dangerous than GOTO
Reply to: