this post was submitted on 11 Nov 2024
-44 points (20.3% liked)
Linuxsucks
345 readers
1 users here now
Rules:
- FOSS advocates and Linux evangelists aren't welcome. -We ask that you block us.
- Moderation is heavy handed. Try to stay on topic (that is LINUXSUCKS!).
- No Complaining Mute the sub if users, content, or rules bother you *it's ok to report rule violations
founded 9 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Either I have the right to perform the operation, or I don't.
If I don't, ask me for the password of someone who does.
If I do, ask me if I really want to elevate, but don't make me jump through hoops.
A prompt for my own password is nonsensical at this point.
And it reduces security, cause users choose a simpler password if they have to type it more often.
The prompt for your password is to prevent someone that happens upon your unlocked computer to take it over. Also I think knowing which commands can be run as superuser by a given user is considered a security issue, hiding that info behind a password prompt should at least help.
You can turn just turn the prompt off by adding NOPASSWD to your account in the sudoers file(s).
Pro-tip: Don't turn off the password requirement.
Pro-tip: Don't use sudo
Always login as root then?
Or, you know, only when you're doing root things?