Re: Please, don't let sudo be auto-removable

To: debian-user@lists.debian.org
Subject: Re: Please, don't let sudo be auto-removable
From: Jan Claeys <lists@janc.be>
Date: Thu, 31 Jul 2025 20:01:56 +0200
Message-id: <[🔎] 9f1c6bbb99bac17a6a6eadd78b4edfae8956c273.camel@janc.be>
In-reply-to: <[🔎] e110de92-8f5d-44ad-a6a4-f13d0f72cfca@darac.org.uk>
References: <[🔎] 530c7212-c2c1-4e24-b169-dd4c0ecf9bdd@chafar.net> <[🔎] DACA7CA0-38EC-4C0B-B7C4-92ED77C116B3@cyberfusion.nl> <[🔎] e110de92-8f5d-44ad-a6a4-f13d0f72cfca@darac.org.uk>

On Wed, 2025-07-30 at 19:55 +0100, Darac Marjal wrote:
> There's an argument that sudo should refuse to uninstall itself (e.g.
> in a prerm script) if the root user doesn't have a password at all.
> That would be a neat trick.

There are many other tools that allow you to run things as root under
certain conditions (doas, pkexec, runc, ssh, etc.).  There is no way
sudo's prerm script can check all possible ways (which would also
include being able to "understand" all possible configurations of each
tool!).

-- 
Jan Claeys

(please don't CC me when replying to the list)

Reply to:

Follow-Ups:
- Re: Please, don't let sudo be auto-removable
  - From: Nicolas George <george@nsup.org>
- Re: Please, don't let sudo be auto-removable
  - From: Andy Smith <andy@strugglers.net>

References:
- Please, don't let sudo be auto-removable
  - From: José Esteban <chafar@chafar.net>
- Re: Please, don't let sudo be auto-removable
  - From: William Edwards <wedwards@cyberfusion.nl>
- Re: Please, don't let sudo be auto-removable
  - From: Darac Marjal <mailinglist@darac.org.uk>

Prev by Date: Re: transferring boot
Next by Date: Re: Please, don't let sudo be auto-removable
Previous by thread: Re: Please, don't let sudo be auto-removable
Next by thread: Re: Please, don't let sudo be auto-removable
Index(es):
- Date
- Thread