Author: Alessandro Selli Date: To: dng Subject: Re: [DNG] gvfs depends on libsystemd0
Il 12/04/2017 03:32, Rick Moen ha scritto: > Quoting Alessandro Selli (alessandroselli@???):
>
>> I argued against the assertion by Rick Moen that sudo constitutes "a
>> proxy for the root password"...
> I did not so state.
>
> I characterised a particular usage model of sudo as such.
As sudo can be made to operate either requiring the user to type his
own password or no password, stating (now) that just "a particular usage
model" of sudo constiutes a proxy for the superuser's password can only
refer to the case the user has to type his password. If you think using
an unprivileged user's password to carry out privileged tasks will lead
to a root password bypass by some attacker, one can hardly figure how
you might think using no password at all could not constitute at least
as dangerous attack vector, so your point about the alleged oot password
proxy related to just a specific "usage model" of sudo is moot.
Of course you always skipped any explanation about how could you think
that typing the superuser's password for such a menial task as mounting
a filesystem (something Unix systems have done for decades) could be
thought of as a more secure approach to password and system protection
than typing an unprivileged user's one or no password at all.