• milicent_bystandr@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    ·
    10 days ago

    You are not the only one able to execute code under your user’s name. A normally installed program, running under your directive as user, can run other commands under your authority as user.

    But it can’t run as root. You can run things as root via sudo, when you prove your identity as yourself - with the password - rather than another program operating in your name.

    Passwordless sudo I think could be exploited e.g. by writing a script and passing it to bash.

    (Or, as another reply pointed out, it provides a barrier against moderate malice of a passer-by or a ‘friend’ temporarily using your computer.)