Package: sudo
Severity: normal

As documented in bug 536222, no users have group "sudo" by default. Thus, not prompting for a password for users in group sudo does *not* represent "an alarming security hole", or any security hole at all. On the contrary, it represents a convenient default configuration. Don't add users to group sudo if you don't want them to sudo.

Please do not remove NOPASSWD from the default sudoers configuration for group sudo over claims of "alarming" behavior. The configuration of sudo 1.7.2-1 provides equivalent behavior to that of all versions of the Debian sudo package until version 1.6.8p12-5 from 2007, and nobody complained about security issues. The exempt group sudo got dropped by default not because of security, but because of the very reasonable complaint that /etc/sudoers could provide an equivalent configuration in a more obvious and configurable way. Enabling the equivalent configuration by default has precisely the same security implications: anyone in group sudo, which has *no users by default*, can become root without a password.

If admins want a different configuration, they can either change the configuration to remove "NOPASSWD:", or add a different group, or add individual users, or any number of other reasonable local configurations.

I filed bug 536222 in the hopes of achieving a more useful default sudo configuration. If people have specific security concerns about allowing passwordless sudo for group sudo by default, I will happily do whatever I can to address them, up to and including providing patches for the Debian sudo package to make it easier for people to achieve the configurations they want. Please let me know what I can do to help.

Thank you,
Josh Triplett

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages sudo depends on:
ii  libc6           2.9-23   GNU C Library: Shared libraries
ii  libpam-modules  1.0.1-9  Pluggable Authentication Modules f
ii  libpam0g        1.0.1-9  Pluggable Authentication Modules l

sudo recommends no packages.

sudo suggests no packages.
-- no debconf information
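The argument above turns on one check an administrator can make locally: a `NOPASSWD:` rule for `%sudo` reaches nobody until someone is actually a member of that group. The following is an added example, not code from the bug report or from the Debian sudo package, that parses a sudoers file and an /etc/group file and reports which real users a `NOPASSWD:` rule grants passwordless sudo to. The sudoers and group contents are constructed samples; the `%sudo ALL=(ALL) NOPASSWD: ALL` line is the default the report is defending, and the line without the tag is the alternative it mentions. The parser deliberately ignores aliases, rule precedence and `@include` files, so it is an audit aid, not a reimplementation of sudo's policy evaluation.

```python
"""Audit which real users receive passwordless sudo from a sudoers file.

Constructed samples (not from the bug report): the two sudoers variants
discussed in the thread and two /etc/group files, one with group sudo
empty (the Debian default described in the report) and one populated.
"""
import re

SUDOERS_NOPASSWD = """\
Defaults        env_reset
root    ALL=(ALL) ALL
%sudo   ALL=(ALL) NOPASSWD: ALL
"""

SUDOERS_PASSWD = """\
Defaults        env_reset
root    ALL=(ALL) ALL
%sudo   ALL=(ALL) ALL
"""

GROUP_FILE_EMPTY = """\
root:x:0:
sudo:x:27:
admin:x:115:alice
"""

GROUP_FILE_POPULATED = """\
root:x:0:
sudo:x:27:alice,bob
"""

# who  hosts=(runas) tags-and-commands ; runas list is optional in sudoers.
RULE_RE = re.compile(
    r"^(?P<who>\S+)\s+(?P<hosts>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*(?P<cmds>.+)$"
)
# Lines that share the "X Y=Z" shape but are not user specifications.
NON_RULE_PREFIXES = ("Defaults", "User_Alias", "Cmnd_Alias", "Host_Alias",
                     "Runas_Alias", "@include", "@includedir")


def parse_groups(text):
    """Map group name -> list of supplementary members from /etc/group text."""
    groups = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _pw, _gid, members = line.split(":", 3)
        groups[name] = [m for m in members.split(",") if m]
    return groups


def nopasswd_rules(sudoers):
    """Return (who, command-spec) for every user specification tagged NOPASSWD:."""
    rules = []
    for raw in sudoers.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line or line.startswith(NON_RULE_PREFIXES):
            continue
        m = RULE_RE.match(line)
        if not m:
            continue
        cmds = m.group("cmds")
        if re.search(r"\bNOPASSWD:", cmds):
            rules.append((m.group("who"), cmds))
    return rules


def passwordless_users(sudoers, group_text):
    """Sorted list of user names that a NOPASSWD: rule actually reaches.

    A %group entry expands to the group's current members; a bare user
    name counts directly. An empty result for a %sudo NOPASSWD rule means
    the rule grants nothing yet, which is the report's point.
    """
    groups = parse_groups(group_text)
    users = set()
    for who, _cmds in nopasswd_rules(sudoers):
        if who.startswith("%"):
            users.update(groups.get(who[1:], []))
        elif who != "ALL":
            users.add(who)
    return sorted(users)


if __name__ == "__main__":
    for label, sudoers, groups in [
        ("NOPASSWD default, empty group sudo", SUDOERS_NOPASSWD, GROUP_FILE_EMPTY),
        ("NOPASSWD default, populated group sudo", SUDOERS_NOPASSWD, GROUP_FILE_POPULATED),
        ("password required, populated group sudo", SUDOERS_PASSWD, GROUP_FILE_POPULATED),
    ]:
        print(f"{label}: {passwordless_users(sudoers, groups)}")
```

On a live system the same check is `getent group sudo` against the `%sudo` line in /etc/sudoers; the script only shows the combination, that the tag matters exactly as much as the membership behind it.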