On p. 284 I was a bit surprised to see the use of NOPASSWD without a discussion of the security implications though. Intuitively, NOPASSWD seems like a bad idea even with the other security measures in place, but I'm not a security expert, so I had to google it. And it seems like it might not be that bad after all:
I'm still not completely sure and I couldn't really find an authoritative best-practice recommendation, but in any case, it seems like something you shouldn't just copy-paste without trying to understand the implications, so it would be great if your book included a short discussion on what it is and why/when it's acceptable to use it from a security point of view :)
I agree that intuitively, using NOPASSWD seems like it could be insecure (and it can be in certain circumstances, you just need to understand the risks/rewards). I would like to at least add a warning aside explaining this so it's more clear.
The text was updated successfully, but these errors were encountered: