Security risks?
neuhoff at mhccorp.com wrote:
> Is this really a secure setup?
no :)
well, better.. not yet.
> Why doesn't 'sudo' prompt for a root password?
because we configured it like this.
> How exactly was it configured so as not to even prompt for a password for the
> normal user after bootup?
> And how exactly was it configured so as not to have a root account?
look at 10adduser resp. 15autlogin in
live-initramfs/scripts/live-bottom/ resp. casper/scripts/casper-bottom/.
> Is all the magic done via the /etc/sudoers file only?
yep.
Today, I've added 'noautologin', 'noxautologin' and 'nosudo' boot
parameters to disable the respective features in live-initramfs in SVN.
Will think of a 'clever' way to have --user-password and --root-password
or similar in live-helper.
--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baumann at panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
Reply to: