21 Dec
2015
21 Dec
'15
12:41 a.m.
On Sunday 20 December 2015 21:32:41 Thierry de Coulon wrote:
if I can easily guess someone's user password and he has sudo rights, then sudo passwd root and sudo passwd <user>: I'm the boos and he's out.
(Sorry, misquoted last time.)
I'm equally worried about the things that sudo users can and do do to themselves because it is so easy!
Lisi
So, as long as sudo users don't use strong password (and most I know _don't_ ), a separate root password is more secure.