Web lists-archives.com

Re: [SOLVED] Re: Security hole in LXDE?




Greg Wooledge:
> On Mon, Mar 06, 2017 at 06:31:46PM +0000, Joe wrote:
>> Debian appears to use the group 'sudo' as an administrative group,
>> where some other distributions use 'wheel'.
>>
>> I would not have thought that users would be added to it by default,
>> there are no members on my sid/xfce4 workstation. Indeed, up to Jessie,
>> sudo was not installed at all by default, and may still not be.
> 
> If you use the regular Debian installer, the user account that you
> create during installation gets added to a lot of these special groups
> (sudo, cdrom, floppy, audio, video, ...?).  Users that you create
> post-installtion using adduser or useradd do not.

On an Debian-lxde installer you are asked for a root pass and then a
username/pass
As I remember before you manually add a user in the user group the sudo
command results to error.  Before I figured it out I had to use su
instead and any admin-package required user:root and pass to run.  After
adding a user in the sudo list all such packages ask for the user's
pass.  I think it is a sensible policy.

-- 
 "The most violent element in society is ignorance" rEG