Package: sudo Version: 1.6.8p5-1 Severity: normal
sudo is configured with '--with-exempt=sudo' by default. This results in behaviour that is not documented in the manpage (only in /usr/share/doc/sudo/OPTIONS). Everyone in the sudo group can run sudo without entering a password. Using the PASSWD option for the sudo group in /etc/sudoers doesn't change this behaviour. Wouldn't it be more obvious to put "%sudo ALL=NOPASSWD: ALL" into /etc/sudoers instead, in order to achieve the same default behaviour (if really desired and/or needed). Perhaps make it a default entry in /etc/sudoers, or a commented example entry? Cheers, Thierry
signature.asc
Description: Digital signature
