Depends who the user is. You, maybe not. But what if someone got into your system and installed/ran executibles with ill intentions? No prolem, no need for sudo or root password!

1 members found this post helpful.

that is a very different case scenario.

for one,

for two if someone knew I didn't need a pass word that is my fault for telling them that. that too is a security issue. that'd be like telling someone else my password.


even a newbee someone that has no idea of how to admin a Operating System of any kind and is given the ability to do so. even to do whatever to a sudoers file and screws it up. now whos fault is it?

I'd say the people that hired them. Not me no matter what i told them. It is a suggestion, not a command that I gave out.

you keep missing the part where I said

give that a TRY!

why do people tell you to try something no matter what your expertise is on whatever it is they tell you to try?

Sorry guy, sudo export whatever is completely meaningless.

I think you really need to think about things more carefully. sudo is complex and the fact that there is an option for no password absolutely does not mean that the people responsible for it think that giving a user account unlimited access without a password is a god idea.

You can call it scapegoating to protect a user account if you want -- I call it part of the process of security. There are also the occasions I mentioned where
an otherwise absolutely safe command accidentally run as root can cause issues further down the line and having to enter a password can prevent that happening.

Again, if you wish to use a system in that way that's fine. You know the risks and how to mitigate them and take responsibility for that. To recommend, without warning, that a new user do the same I call irresponsible. Let people make their own minds up but let them know the risks.

2 members found this post helpful.

is alcohol a mind-altering drug?

i think that would actually be really cool.
problem is, in 9 out of 10 cases these cowboys come crying to mummy (i.e. desperate "Help me!" threads here on LQ) when they stubbed their toe...

TMBG said it how it is long before linux even existed:
================

exactly.
the newb here being any potential forum reader, not (just) fixit7.

childish.
teachers say "don't do it" not because they have the absolute power to make that decision for you, but because they want you to consider.
in other words, we have all been there ourselves (i know i have), but to encourage & sanction it is wrong.

double OT:
the psychology of linux forums, i love it!

1 members found this post helpful.

huh? in what respect?

I got it off the net, slapped it in my term hit enter for both of them then typed visudo and nano opened up my sudoers file instead of vi. So for you to tell me that it is meaningless make no sense to me.

Unless you have no understanding of the commands sudo and export. Which I myself doubt that is the case.

ok, listen to this:
su and/or sudo will open a new shell. export may or may not work in the new process, but anyway after execution of the command (=sudo command) the process will be dropped together with its environment. Therefore variable settings inside is invisible in the parent (= current) shell/environment. You need to learn/understand this.
Unless you have no understanding of the commands sudo and export. Which I myself doubt that is the case.
from the other hand export is a builtin command of bash (or whatever shell you use), and cannot be executed with sudo at all, because sudo will not be able to find that binary.
last but not least export works inside the current shell (only) and works perfectly without sudo and there is no any reason to do that with sudo.

1 members found this post helpful.

O tay Mr. Over Thinker,

lets take a look at the scenario and not what is going on within it first.

dang let me go get a coffee first.

Yes sudo can be made to be very complex or simplistic via the sudoers file.

Yet on the other hand, it does not mean that the people responsible for it giving a user an unlimited access without a password is a bad idea either.

it all depends on the situation, or scenario.


I do not see how having to enter a password would thwart anyone from issuing a bad command, it'd only slow them down some. Due to them now having to type one more thing into the command line before issuing the "bad" command.

They've already committed themselves to issuing said command. Having to now enter a password before they fully act on it. How does that prevent them from carrying out on this act of entering a command bad or good?

They experience and understanding of what they are doing is the only thing that can stop that from happening and even sometimes that is not enough.

I even once ran across a video in youtube of the CEO of Red Hat that on one day issuing a command wiped out his entire system. And he is a CEO of Red Hat oops ....

therefore, it matters not if one has a password or not or has an actual root account and is in. mistakes happen it is a fact of life. having to first type a password before going further does not prevent that from taking place.

what is that rule of thumb for Linux again??

type once look twice to be sure what you wrote in there is correct because it is not windows and you are not going to get an "are you sure" message. it just runs it. password or not.

It only prevents others from using that persons user name to do whatever in their account to lay blame onto that user and not them.





I was doing this under what scenario?

a senior member of LQ for one. Which you keep side tracking and or others that have said bad boy shame on you to me over this.


running a distro of Debian just playing around with it in the context of wanting to learn something.

No where in his post was their any indication that it is a server that others have access too. if it was then again someone that is running a server and is a human being needs to learn not only how to run Linux but to use his or hers own brain as well.


If I tell someone to jump off a cliff without a buggy cord or parachute and do not warn them of the hazards and they do it anyways.


Is it really my fault?

NO!

he is his own person. He too has freewill and a brain like everyone else. He is not a five year old that does not have a good perception of depth.

Even if this person is only 14 years old to tell him or her to give this a try. What do they have to prevent them from doing so? Do they have to enter a password before they actually do or do not give it a try?

They have freewill and a brain to exercise their ability to reason and use logic.

I take no fault on what I did, here try this.

one with basic windows knowledge even should know that he or she does not need a password to do whatever now. It is their system. They themselves have a level of responsibility regardless of what someone tells them to do or not.

me by telling that person to give sudo without a password a try is not malicious in anyway whatsoever, nor does doing that destroy anything on his system whatsoever. Nor did I take away his freewill and ability to reason and use logic.

I did not even tell him to hey try this
give that a try and see what happens.


Auto log in for instance go and warn everyone that wants to use that now.

You are right that making mistakes is one of the ways humans learn.

I used to run Puppy Linux.

It's default is to run as root all the time.

If I did not have some hardware issues with it, I would still be using it.

It was half the size of most other distros.

It is indeed an important path to learning, but certainly not the preferred path!

Learning from the mistakes and knowledge of others is certainly much higher on the preferred list!

3 members found this post helpful.

Running sudo with password disabled and from an ordinary user's account is dangerous and plain stupid. I humbly suggest to anyone reading this to follow the advice given above, except those from BW-userx. Stick to well-proven security practices, not to bad habits. Mentioning "free will" to justify ill-advised setups is irresponsible and makes no sense.

5 members found this post helpful.

so now you're calling me stupid. Thank you for that insult.



and you used your freewill to post this, your option, and others will use there freewill and reasoning and logic to decided to either follow your advice or not and some that do not like to use their brains will just follow you. Regardless if you are right or wrong. Still they have used their freewill to decided one way or the other.

Freewill always comes into play no matter how much you may deny it. Unless one is suffering from a psychopathological disorder where freewill becomes hindered.

you are trying by your words to stop others from actually using their own brains and replace them with yours. By telling them to do it your way, and this is why without any real proofs whatsoever, just a blank statement to present your case against me.

how does one having no password in an ordinary user's account dangerous?

having a password does not prevent a wrong command to be entered into the CLI.
Having a password does not prevent that user from making a typo in the CLI.

as I stated it depends on the scenario. if one is paranoid or their is a real threat of someone else using your account to do something so that person will have to take the blame. But then again that falls into the depends on the scenario area.

if one has a system that only he or she can access then no real need for a password.
if one has a system that it doesn't really matter what happens to it because it is just being used for a test bed to play around on then no real need for a password.

go and recall history of the one that wrote GNU. Back before he wrote GNU and passwords. they where non existent. He even rebelled against the password policies.

1 members found this post helpful.

If you wish you can report it, there is a report button at every post


What you really missed here: crackers, viruses, hackers and other similar "things" will not play your scenario, but will force you to play based their own rules.
So you need to prepare to protect yourself against them, which actually may mean some inconvenience, like do not allow:
This is something like an open door, and means you allow anyone to come in, and do what they want

I have a 'basic' question here: 2 scenarios: assume the one where ip addr is 192.168.1.2 or 10...
Nothing 'outside' can connect into it (RFC1918), I'm thinking. Is that true? Then, no passwords needed.

if the local network was completely isolated - than noone can connect.
But if this network is connected to the internet (using a router or whatever) - so if there is a way to go out than there is a way to come in too.