The Ubuntu way of using sudo, whereby the console user is given ALL=(ALL) ALL access, is worrisome. To 0wn a box you only need to know that console user password, which has a much greater risk area of exposure than a typically well-protected root password.
No comments:
Post a Comment