This is from a reader's email:
On p. 284 I was a bit surprised to see the use of NOPASSWD without a discussion of the security implications, though. Intuitively, NOPASSWD seems like a bad idea even with the other security measures in place, but I'm not a security expert, so I had to google it. And it seems like it might not be that bad after all:
https://security.stackexchange.com/questions/45712/how-secure-is-nopasswd-in-passwordless-sudo-mode
I'm still not completely sure, and I couldn't really find an authoritative best-practice recommendation, but in any case, it seems like something you shouldn't just copy-paste without trying to understand the implications, so it would be great if your book included a short discussion of what it is and why/when it's acceptable to use it from a security point of view :)
I agree that, intuitively, using NOPASSWD seems like it could be insecure (and it can be in certain circumstances; you just need to understand the risks/rewards). I would like to at least add a warning aside explaining this so it's clearer.
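To make the "understand the implications" part concrete, here is an added example (written for this thread, not code from the book, the reader, or any project) that audits sudoers text for NOPASSWD rules and classifies each one by how far it is from the defensible case of "one fixed command, fixed arguments, dedicated account". The sudoers sample is constructed for the example, the set of shell-equivalent commands is an illustrative assumption rather than a complete list, and `User_Alias`/`Cmnd_Alias` definitions are not expanded.

```python
"""Audit sudoers text for NOPASSWD rules whose reach is wider than the name suggests.

Added example for this issue thread; not from the book or from any project's code.
"""
import os
import re

# Commands that, once run as root, hand the caller an interactive shell, arbitrary
# command execution, or arbitrary file access (shells, editors/pagers with shell
# escapes, interpreters). Illustrative assumption of this example, not exhaustive.
SHELL_EQUIVALENT = {
    "sh", "bash", "dash", "zsh", "ksh", "su", "sudo", "env", "nice", "strace",
    "vi", "vim", "nano", "less", "more", "man", "find", "awk", "perl", "python", "python3",
}

# Tags that may prefix a command in a Cmnd_Spec, per sudoers(5).
TAGS = {
    "NOPASSWD", "PASSWD", "NOEXEC", "EXEC", "SETENV", "NOSETENV", "LOG_INPUT", "NOLOG_INPUT",
    "LOG_OUTPUT", "NOLOG_OUTPUT", "MAIL", "NOMAIL", "FOLLOW", "NOFOLLOW", "INTERCEPT", "NOINTERCEPT",
}

# user  host = (runas) command-list
USER_SPEC = re.compile(r"^(?P<who>\S+)\s+(?P<hosts>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")


def logical_lines(text):
    """Yield (first_lineno, line) with comments stripped and backslash continuations joined."""
    buf, start = [], None
    for n, raw in enumerate(text.splitlines(), 1):
        body = raw.split("#", 1)[0].rstrip()  # assumption: no literal '#' inside a command
        if body.endswith("\\"):
            buf.append(body[:-1])
            start = start or n
            continue
        buf.append(body)
        line, first = " ".join(buf).strip(), start or n
        buf, start = [], None
        if line:
            yield first, line


def commands(spec_text):
    """Split a Cmnd_Spec_List into (tags, command); a tag persists across commas until its opposite appears."""
    active = set()
    for chunk in spec_text.split(","):
        tokens = chunk.split()
        while tokens and tokens[0].endswith(":") and tokens[0][:-1] in TAGS:
            tag = tokens.pop(0)[:-1]
            opposite = tag[2:] if tag.startswith("NO") else "NO" + tag
            active.discard(opposite)
            active.add(tag)
        if tokens:
            yield frozenset(active), " ".join(tokens)


def classify(who, runas, command):
    """Return (severity, reason) for a NOPASSWD rule granting `command` to `who`."""
    if command.startswith("!"):
        return "ok", "negated command, grants nothing by itself"
    if command == "ALL" or who == "ALL":
        return "high", "NOPASSWD with ALL is a passwordless root shell for everyone the rule matches"
    prog, _, args = command.partition(" ")
    name = os.path.basename(prog)
    if name in SHELL_EQUIVALENT:
        return "high", f"{name} gives the caller a shell or arbitrary command execution as {runas}"
    if "*" in args:
        return "medium", "sudoers '*' also matches spaces, so extra arguments can be appended"
    if args == "":
        return "medium", "no arguments listed means any arguments are accepted"
    return "ok", "single command with fixed arguments"


def audit(text):
    """Return (lineno, who, runas, command, severity, reason) for every NOPASSWD command."""
    findings = []
    for lineno, line in logical_lines(text):
        if line.startswith("Defaults") or re.match(r"^(User|Runas|Host|Cmnd)_Alias\b", line):
            continue  # aliases are not expanded in this example
        m = USER_SPEC.match(line)
        if not m:
            continue
        runas = (m["runas"] or "root").split(":")[0].strip() or "root"
        for tags, command in commands(m["cmds"]):
            if "NOPASSWD" in tags:
                findings.append((lineno, m["who"], runas, command, *classify(m["who"], runas, command)))
    return findings


# Constructed sample for this example, not taken from any real host.
SAMPLE_SUDOERS = """\
# constructed sample
Defaults    env_reset
%admin      ALL=(ALL) ALL
deploy      ALL=(ALL) NOPASSWD: ALL
ci          ALL=(root) NOPASSWD: /usr/bin/systemctl restart myapp, \\
                                /usr/bin/systemctl status myapp
backup      ALL=(root) NOPASSWD: /usr/bin/vim /etc/backup.conf
ops         ALL=(root) NOPASSWD: /bin/cat /var/log/app/*
www-data    ALL=(root) NOPASSWD: /usr/bin/apt-get *, PASSWD: /usr/bin/dpkg -l
"""

if __name__ == "__main__":
    for lineno, who, runas, command, severity, reason in audit(SAMPLE_SUDOERS):
        print(f"line {lineno}: {who} -> ({runas}) {command}: {severity.upper()}: {reason}")
```

Run against the sample, only the `ci` rule comes out as "ok": it names a dedicated account, a single binary and fixed arguments, which is the shape of NOPASSWD that is generally defensible. `NOPASSWD: ALL` is simply a root shell without authentication, an editor such as vim is the same thing one keystroke later, and a `*` in the argument list accepts appended arguments because the sudoers wildcard matches spaces as well. A real audit would also expand aliases and check that the listed binaries are not writable by the granted user.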